I am having a lot of trouble with users registering twice on our site when the user forgets their password.

The trouble is that they can't ever remember their username AND the email, but they can always remember their email address.

How can I (safely) remove the requirement for a username, and just do a match on the email. By 'safely' I don't mean security, this is a basic community site, I just mean without screwing something up.

Thanks for your help!

I'd like to know this as well. There are a lot of sites out there that have "forgot username" and "forgot password" options, OR you just have to enter your email address as the user name.

I'd like to know this as well. There are a lot of sites out there that have "forgot username" and "forgot password" options, OR you just have to enter your email address as the user name.

I found this on joomla.org forum:
forum.joomla.org/index.php/topic,50531.new.html#new
>>CLIP<<
Eh ... if I'm not mistaken, on comprofiler.html.php, comment out the lines:


<tr>
<td><?php echo _PROMPT_UNAME; ?></td>
<td><input type="text" name="checkusername" class="inputbox" size="40" maxlength="25" /></td>
</tr>


Remember that "<!--" starts a block quote and "-->" ends it.

On comprofiler.php, replace:



if (!($user_id = $database->loadResult()) || !$checkusername || !$confirmEmail) {
mosRedirect(sefRelToAbs("index.php?option=$option&task=lostPassword"),_ERROR_PASS );
}


by



if (!$user_id || !$confirmEmail) {
mosRedirect(sefRelToAbs("index.php?option=$option&task=lostPassword"),_ERROR_PASS );
}

Ok, here's the code for the beginning of section "function sendNewPass" from the comprofiler.php. Notice the remarked code and the correspondent substitutions. Hopefully that is all ...


[code:1]
function sendNewPass( $option ) {
global $database, $Itemid;
global $ueConfig,$_PLUGINS;

// ensure no malicous sql gets past
// $checkusername = trim( mosGetParam( $_POST, 'checkusername', '') );
$confirmEmail = trim( mosGetParam( $_POST, 'confirmEmail', '') );

//$database->setQuery( "SELECT id FROM #__users"
//. "\nWHERE username='$checkusername' AND email='$confirmEmail'"
//);
$database->setQuery( "SELECT id FROM #__users
WHERE email='$confirmEmail'"«»);
$user_id = $database->loadResult();
$database->setQuery( "SELECT username FROM #__users
WHERE email='$confirmEmail'"«»);
$checkusername = $database->loadResult();


//if (!($user_id = $database->loadResult()) || !$checkusername || !$confirmEmail) {
// mosRedirect(sefRelToAbs("index.php?option=$option&task=lostPassword"«»),_ERROR_PASS );
//}

if (!$user_id || !$confirmEmail) {
mosRedirect(sefRelToAbs("index.php?option=$option&task=lostPassword"«»),_ERROR_PASS );
}
(...)

[/code:1]

Haven't tried it... but probably will.
Unless someone else tries it first and it crashes their site:ohmy:

Post edited by: JJRO, at: 2006/08/02 02:23

Post edited by: JJRO, at: 2006/08/02 02:24

I tried it and it's working FINE!!

Hope it works for others!

Post edited by: JJRO, at: 2006/08/02 03:15

It works for me as well, but your snippet of the code has some non-standard characters present so I had to go back to the original post to get it working. Regardless, Thank you!