WebsiteBaker Support (2.12.x) > General Help & Support

PHP Fatal error: forgot-form

(1/1)

Vasiliy:
Hello!

I checked my site and found two more errors:
When prompted to fogot the password.

1. The first mistake. In the forgot_form.htt file
Line number 13

--- Quote ---<form action="{WB_URL}/account/forgot.php" method="post" class="account" autocomplete="off">
--- End quote ---
Variable value {WB_URL}
not defined in the file forgot_form.php .
Therefore, the wrong path to the form verification file forgot.php is called in the form.
I have Wb located in the subdectoria, and here the root path is called.

The solution is to add a line to the file forgot_form.php

--- Quote ---$template->set_var('WB_URL', WB_URL);
--- End quote ---
Now the correct path to the form validation file forgot.php is called.

2. The second mistake. It immediately appeared in the file forgot_form.php

--- Quote ---PHP Fatal error:  require_once(): Failed opening required '/public_html/wb-test/framework/PasswordHash.php'
--- End quote ---
This is the code that causes the error.

--- Quote ---require_once(WB_PATH.'/framework/PasswordHash.php');
                $pwh = new PasswordHash(0, true);
--- End quote ---

Vasiliy:
WB-Version 2.12.0
The solution (mistake 2) is to change code in line 73-77 in the file forgot_form.php


--- Quote ---require_once(WB_PATH.'/framework/PasswordHash.php');
$pwh = new PasswordHash(0, true);
$old_pass = $results_array['password'];
 // Generate a random password then update the database with it
 $new_pass = $pwh->NewPassword();
--- End quote ---
and line 79

--- Quote ---. '`password`=\''.$database->escapeString($pwh->HashPassword($new_pass, true)).'\', '
--- End quote ---

Code I am copy from file signup2.php

--- Quote ---$old_pass = $results_array['password'];
$new_pass = '';
$salt = "abchefghjkmnpqrstuv wxyz0123456789";
srand((double)microtime()*1000000);
$i = 0;
while ($i <= 7)
{
   $num = rand() % 33;
    $tmp = substr($salt, $num, 1);
    $new_pass = $new_pass . $tmp;
    $i++;
}

// MD5 supplied password
$md5_password = md5($new_pass);
--- End quote ---

--- Quote ---. '`password`=\''.$database->escapeString($md5_password).'\', '
--- End quote ---
Now forget the password form work.
Without these changes, the form does not work.

hgs:
Did they install the fixes from here?
https://addon.WebsiteBaker.org/pages/en/home.php

(Password Fix WB 2.10.0 - 2.12.0)
(Bug-Fixes for WB 2.12.0 stable, We collect reported problems and publish fixes.)

dbs:
Confirmed, if WB is installed in a subdirectory.

hgs:
Yes, the error is detected and fixed. Thanks for the message.
Please download the fix from the addon page
https://addon.WebsiteBaker.org/pages/en/home.php
(Password Fix WB 2.10.0 - 2.12.0) (last changes 17-Oct-18 18:37 GMT)
and test it and give us your feedback.
Thank you

Navigation

[0] Message Index