Lost password

Hi,

it seems that if there are more users with the same password, the check_user method will fail (return mysql_result($result, 0, "test")>1).
To resolve it, the 'new_pass' case could compare the Id as well.

Also, I am wondering about the "new e-mail" function. The validation e-mail links to the login_page, but the 'validate-email' method is never called?

Maybe I've turned PHP-blind and messed it all up...

Hallo Martin,

You are right I see a problem in this method: activate_new_password()
because there will the first (found) password be updated.

Is this the behavior you mean?

about the mail/login question

while register a user, a mail with message 29 is send, this is send to the new user and he must activate on the login page, is it this what you mean?

I will fix the problem with the "double" password.

Martin,

The problem with the double passwords should be resolved...

The files here on phpclasses are not updated yet, but the class on my website is up2date.

PS. Please tell me more about your other question.

Olaf,
if there are more users with the same password check_user will return FALSE.
What is worse: If a user updates his password, all identical passwords will also be updated. I believe the method activate_new_password needs to take id as a third parameter.

About the e-mail change, I just can't get it to work. I cannot spot why the link and the login page would call the validate_email method, as I assume it should. I'll take another look tomorrow, when I can see straight :P

The problem is not with registering, but with e-mail change (message 33).

Hallo,

about the email-update/validation:
I see, there was no method called in login.php, I changed this.

I will update the files here later this day...(in the meantime find the changed files on my website)

Martin, thanks for reporting this bugs.