1

I use CodeIgniter + Tank Auth. Only the code http://localhost/XXXXXXXX/auth/forgot_password doesn't work. The result always is: "Your activation key is incorrect or expired. Please check your email again and follow the instructions."

The registration and activation are all right.

bassneck
  • 4,053
  • 4
  • 24
  • 32
vili
  • 317
  • 3
  • 6
  • 14
  • It's really hard to tell without any code. Maybe the token doesn't get saved to the database. And for the future, choose tags that have > 0 followers – bassneck May 07 '11 at 10:33

4 Answers4

4

Some likely problems:

  • Cookies are not being set correctly. Check your cookie settings, and do a test to make sure you can set and read cookies. (this may be invalid if cookies are not used for the reset)
  • The reset password key is expired or wasn't set correctly. Check the database to see if hte value is correct before following the link, and check your $config['forgot_password_expire'] in Tank Auth.

  • You may be linking to the wrong URL in your email. This doesn't look right:

    http://localhost/XXXXXXXX/auth/forgot_password

    It should be something like:

    http://localhost/auth/forgot_password/XXXXXXXX

Not to discourage you from using Tank Auth, but having used it I can recommend trying Ion_Auth if you are still in the early stages. I believe it's used in PyroCMS as well if that adds any credit.

Wesley Murch
  • 101,186
  • 37
  • 194
  • 228
  • I had some trouble getting ion_auth confiure as a hmvc module but tank_auth was flawless. Although , I am still stuck with the same email problem. – Gayan Hewa Jun 16 '11 at 18:44
2

If the XXXXXXXX in your URL is indicating that you have an extra URI segment before /auth/, you should change this:

function reset_password()
{
    $user_id = $this->uri->segment(3);
    $new_pass_key = $this->uri->segment(4);

to this:

function reset_password()
{
    $user_id = $this->uri->segment(4);
    $new_pass_key = $this->uri->segment(5);

Note the different numbers in $this->uri->segment(). With an extra segment before /auth/, your user id and activation code will be passed as parameters in the 4th and 5th segment (rather than the 3rd and 4th that Tank Auth assumes).

Ben Yarbrough
  • 21
  • 3
1

In the main index.php, you have to define a time zone. Example:

date_default_timezone_set('Europe/Paris');

this will ensure that the following check has all the dates with the same time zone

$this->db->where('UNIX_TIMESTAMP(new_password_requested) >', time() - $expire_period);
Youssef
  • 2,866
  • 1
  • 24
  • 20
1

it could be the time stamp in your database in user model function "can_reset_password" uses a UNIX_TIMESTAMP(new_password_requested)

you could echo $user_id and $new_pass_key if they are correct then the problem is with time comparison. to fix the the url to always get the last two segments

$break =$this->uri->total_segments();
$new_pass_key= $this->uri->segment($break);
$user_id= $this->uri->segment($break-1);

for the time stamp try this for the function reset_password in users model

function reset_password($user_id, $new_pass, $new_pass_key, $expire_period = 900)
{
    $this->load->helper('date');
    $this->db->set('password', $new_pass);
    $this->db->set('new_password_key', NULL);
    $this->db->set('new_password_requested', NULL);
    $this->db->where('id', $user_id);
    $this->db->where('new_password_key', $new_pass_key);
    $this->db->where('UNIX_TIMESTAMP(new_password_requested) >=',mysql_to_unix( time() - $expire_period));

    $this->db->update($this->table_name);
    return $this->db->affected_rows() > 0;
}
ramon22
  • 3,528
  • 2
  • 35
  • 48