The request_reset_password form gets a custom formname, so it doesn't conflict with other forms on the page. This is not the case for the reset_password form, hence the problem.
Anthony On Friday, July 26, 2013 7:09:02 PM UTC-4, lesssugar wrote: > > OK, I figured it out. I have a hidden feedback form on every page > (generated with LOAD), which appears onclick. So basically when I go to > default/user/reset_password I have two forms on one page. I followed > instructions from the book and the problem is solved: > http://web2py.com/books/default/chapter/29/07/forms-and-validators#Multiple-forms-per-page > > Still, I'm not sure why everything worked fine on the > request_reset_password page. In this case there are also two forms per > page, however, they never collided. > > Anyway, thanks, Anthony. > > On Friday, July 26, 2013 9:54:32 PM UTC+2, Anthony wrote: >> >> Hmm, hard to say what's going on then, especially given that you can't >> replicate the problem in a fresh app. >> >> On Friday, July 26, 2013 11:23:01 AM UTC-4, lesssugar wrote: >>> >>> Checked it. >>> >>> After the form loads, session['_formkey[no_table/create]'] is the same >>> as the _formkey value in the form. Guess this makes it rather more >>> confusing. >>> >>> On Friday, July 26, 2013 5:07:26 PM UTC+2, Anthony wrote: >>>> >>>> After the page with the reset password form has been loaded, you can >>>> see if there is a _formkey[no_table/create] key in the session and confirm >>>> the value stored there is the same as the value in the hidden _formkey >>>> field in the form on the HTML page. >>>> >>>> Anthony >>>> >>>> On Friday, July 26, 2013 10:51:39 AM UTC-4, lesssugar wrote: >>>>> >>>>> It could be something with the session. As I wrote: the first form >>>>> (request_reset_password) works fine - it validates, it sends email with >>>>> reset link. But after the link is clicked and the reset_password form >>>>> appears - the form is useless, new password can't be created. >>>>> >>>>> You wrote that it's possible that the _formkey check does not pass >>>>> when submitting. Any ideas how to debug in such case? If it's not this, >>>>> it >>>>> could be everything. >>>>> >>>>> On Thursday, July 25, 2013 8:34:38 PM UTC+2, Anthony wrote: >>>>>> >>>>>> When the form doesn't validate but you get no error messages, it >>>>>> often means the _formkey checked didn't pass (the _formkey is stored in >>>>>> the >>>>>> session, so often this is due to an issue with the session or cookies). >>>>>> >>>>>> Anthony >>>>>> >>>>>> On Thursday, July 25, 2013 1:50:09 PM UTC-4, lesssugar wrote: >>>>>>> >>>>>>> No. Cookies are on. I'm not clearing the session explicitly anywhere >>>>>>> in the code neither. Just created dummy app to test password reset - >>>>>>> and >>>>>>> validation works fine in both forms (requesting reset, creating new >>>>>>> password). default/user function of the dummy application is standard >>>>>>> and >>>>>>> it looks just like mine. No idea what's going on, but it definitely >>>>>>> must be >>>>>>> my fault somehow. >>>>>>> >>>>>>> I'll keep digging. Let you know if I find the bug. >>>>>>> >>>>>>> On Thursday, July 25, 2013 6:08:38 PM UTC+2, Anthony wrote: >>>>>>>> >>>>>>>> Is it possible that cookies are disabled or that the session is >>>>>>>> somehow getting cleared (e.g., session.forget() or session.clear())? >>>>>>>> >>>>>>>> On Thursday, July 25, 2013 11:49:54 AM UTC-4, lesssugar wrote: >>>>>>>>> >>>>>>>>> When submitting the form with different passwords - the page >>>>>>>>> reloads and that's it. No validation, no error response.flash, >>>>>>>>> nothig. The >>>>>>>>> same issue occurs with the same passwords and with empty inputs. >>>>>>>>> >>>>>>>>> web2py version: 2.4.7-stable >>>>>>>>> >>>>>>>>> On Thursday, July 25, 2013 5:44:18 PM UTC+2, Anthony wrote: >>>>>>>>>> >>>>>>>>>> What happens if the passwords are different? Which version of >>>>>>>>>> web2py? >>>>>>>>>> >>>>>>>>>> On Thursday, July 25, 2013 11:14:21 AM UTC-4, lesssugar wrote: >>>>>>>>>>> >>>>>>>>>>> Thanks, Anthony, I removed the if statement and it worked for >>>>>>>>>>> request_reset_password. >>>>>>>>>>> >>>>>>>>>>> However, after I click the link sent to e-mail address, the >>>>>>>>>>> reset_password form still doesn't process "New password" and >>>>>>>>>>> "Verify >>>>>>>>>>> password" fields. The inputs can be empty, the passwords can be >>>>>>>>>>> different - >>>>>>>>>>> no validation is performed. >>>>>>>>>>> >>>>>>>>>>> On Thursday, July 25, 2013 4:51:46 PM UTC+2, Anthony wrote: >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> def user(): >>>>>>>>>>>>> >>>>>>>>>>>>> auth.settings.formstyle = 'divs' >>>>>>>>>>>>> >>>>>>>>>>>>> if request.args(0) == 'request_reset_password': >>>>>>>>>>>>> auth.request_reset_password(next = URL('default', 'index')) >>>>>>>>>>>>> >>>>>>>>>>>>> return dict(form=auth()) >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Your code is creating and processing the form twice. >>>>>>>>>>>> auth.request_reset_password(...) creates and processes the >>>>>>>>>>>> form (though you aren't storing that version in a variable and >>>>>>>>>>>> passing it >>>>>>>>>>>> to the view). Then, form=auth() once again calls >>>>>>>>>>>> auth.request_reset_password(), which creates and processes the >>>>>>>>>>>> form a second time. When the form is submitted, the first call >>>>>>>>>>>> processes >>>>>>>>>>>> the form and does the validation, but the second call then creates >>>>>>>>>>>> a new >>>>>>>>>>>> form. You can simply eliminate that whole "if" segment from your >>>>>>>>>>>> code -- >>>>>>>>>>>> form=auth() will take care of everything. >>>>>>>>>>>> >>>>>>>>>>>> Anthony >>>>>>>>>>>> >>>>>>>>>>>> -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
