Just one small change will fix this.
You're hashing the password, and sending that via email.
Change this part:
> Your new password: {$user['User']['password']}";
to use ['tmp_password'] instead of ['password'] since tmp_password isn't hashed.
Cheers,
Graham Weldon
e. [email protected]
w. http://grahamweldon.com
On 18/11/2009, at 9:41 PM, appel268576 wrote:
> Hi there.
>
> I have made use of this very handy tutorial that helped me set up a
> user authentication system within about 10 mins.
>
> I added an extra function which is basically the ability to allow
> users to request a new password, user receives an email with the new
> password, however this password is the already hashed password, NOT
> WHAT I WANT.
>
> Do you know where I could be going wrong?
>
> Below is the code
>
> VIEW
>
> <?php
> echo $form->create('User', array('action' => 'forgotpassword'));
> echo $form->input('email', array('label' => ''));
> echo $form->end('Reset Password');
> ?>
>
> CONTROLLER
>
> function forgotpassword() {
>     if(!empty($this->data)) {
>         $this->User->recursive = 0;
>         $user = $this->User->findByEmail($this->data['User']['email']);
>         if($user) {
>             $user['User']['tmp_password'] = $this->User->createTempPassword(7);
>             $user['User']['password'] = $this->Auth->password($user['User']['tmp_password']);
>
>             if($this->User->save($user, false)) {
>                 // send a mail to finish the registration
>                 $this->Email->to = $this->data['User']['email'];
>                 $this->Email->subject = 'XYZ new password';
>                 $this->Email->replyTo = '[email protected]';
>                 $this->Email->from = 'XYZ New Password <[email protected]>';
>                 $this->Email->sendAs = 'text';
>                 $this->Email->charset = 'utf-8';
>                 $body = "Please visit http://localhost:8888/xyz/users/login.
> Your new password: {$user['User']['password']}";
>
>                 if ($this->Email->send($body)) {
>                     $this->Session->setFlash(__('Your new password has been sent, please check your inbox', true), 'warning');
>                 } else {
>                     $this->Session->setFlash(__('Failed to send the confirmation email. Please contact the administrator at supp...@xxx', true), 'error');
>                 }
>                 $this->redirect(array('controller' => 'users', 'action' => 'login'));
>             }
>         } else {
>             $this->Session->setFlash('No user was found with the submitted email address.');
>         }
>     }
> }
>
> MODEL
>
> function createTempPassword($len) {
>     $pass = '';
>     $lchar = 0;
>     $char = 0;
>     for($i = 0; $i < $len; $i++) {
>         while($char == $lchar) {
>             $char = rand(48, 109);
>             if($char > 57) $char += 7;
>             if($char > 90) $char += 6;
>         }
>         $pass .= chr($char);
>         $lchar = $char;
>     }
>     return $pass;
> }
>
> --
>
> You received this message because you are subscribed to the Google Groups
> "CakePHP" group.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/cake-php?hl=.
>
>
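
Added example (not part of the original thread or the tutorial's code): a stand-alone PHP sketch of the fix described in the reply, where the mail body carries the plaintext temporary password and only its hash is stored. It goes slightly beyond the thread by drawing characters with random_int() (PHP 7+) instead of rand(), which is not a cryptographically secure generator. Assumptions: the function names and the sample record are hypothetical, and password_hash() stands in for $this->Auth->password().

```php
<?php
// Added example: stand-alone sketch, not the poster's CakePHP code.
// createTempPasswordCsprng() and prepareReset() are hypothetical names.

// Same 62-character alphabet the thread's generator produces, but drawn
// with random_int() (CSPRNG, PHP 7+) instead of rand().
function createTempPasswordCsprng(int $len): string
{
    $alphabet = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
    $max = strlen($alphabet) - 1;
    $pass = '';
    for ($i = 0; $i < $len; $i++) {
        $pass .= $alphabet[random_int(0, $max)];
    }
    return $pass;
}

// Returns the row to persist (hash only) and the mail body (plaintext only).
function prepareReset(array $user, int $len = 7): array
{
    $tmp = createTempPasswordCsprng($len);
    // Assumption: password_hash() stands in for $this->Auth->password().
    $user['User']['password'] = password_hash($tmp, PASSWORD_DEFAULT);
    $body = "Please visit http://localhost:8888/xyz/users/login.\n"
          . "Your new password: {$tmp}";
    return array('save' => $user, 'body' => $body, 'plain' => $tmp);
}

// Constructed sample record; the address is a placeholder.
$user = array('User' => array('id' => 1, 'email' => 'user@example.invalid'));
$r = prepareReset($user);
$hash = $r['save']['User']['password'];

// Each check states a property the reset flow should hold.
$checks = array(
    'body carries the plaintext'            => strpos($r['body'], $r['plain']) !== false,
    'body does not carry the hash'          => strpos($r['body'], $hash) === false,
    'saved row has no plaintext field'      => !isset($r['save']['User']['tmp_password']),
    'stored hash verifies the mailed value' => password_verify($r['plain'], $hash),
    'length is as requested'                => strlen($r['plain']) === 7,
);
foreach ($checks as $label => $ok) {
    echo ($ok ? 'ok   ' : 'FAIL ') . $label . PHP_EOL;
}
```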