After customizing the Registration page, now we are going to customize the Forgot Password page in websites that generated with PHPMaker 9.0.1. Please note that started from PHPMaker 9, the Forgot Password also supports for Captcha extensions. The good news is: I also have successfully integrated this Captcha extension with Forgot Password page in order to display it properly, since it has been used in other pages (Login, Registration, Add, Edit, and Change Password) too.
All we have to do is customizing PHPMaker template files. In other words, we will not modify the generated script files at all, so we can use the template for other projects in future.
Important: In order to display the Captcha in the Forgot Password Page properly, then make sure you have done the following:
- Enable the CAPTCHA extension from: Tools -> Extensions -> CAPTCHA.
- Enable the related setting from: Security -> Advanced -> User Login Options -> Password Recovery Page -> CAPTCHA (require extension).
Updated on May 30, 2012: This customization has been implemented in PHPMaker version 9.0.2, it matches to each other, and as a result, it works properly.
Updated on July 21, 2012: This customization has been implemented in PHPMaker version 9.0.3, it matches to each other, and as a result, it works properly.
Updated on September 4, 2012: This customization has been implemented in PHPMaker version 9.0.4, it matches to each other, and as a result, it works properly.
Updated on November 28, 2012: This customization has been implemented in PHPMaker version 9.1.0, it matches to each other, and as a result, it works properly.
Updated on February 9, 2013: This customization has been implemented in PHPMaker version 9.2.0, it matches to each other, and as a result, it works properly.
Updated on June 17, 2013: The customization for CAPTCHA part has been handled by using MasinoCAPTCHA and MasinoForgpotPwd extension. You don’t need to implement the customization below if you use my extensions above together with the original PHPMaker Template and Extensions.
[hidepost]
-
Before we get started, please note that the step number 1 and 2 is identically with the step number 1 and 2 in the customization for Login Page in PHPMaker version 9.0.1 (previous article). So, if you have done it before, you may skip the step number 1 and 2 below, and start from the step number 3.
- Download images-box.zip. Extract the .zip file that contains of 9 image files in it, to your \Script\images sub-directory. Make sure you do not skip this step, as those images are also being used for the other customization that related to Registration, Forgot Password, and Change Password pages.
-
Open your \extensions\CAPTCHA\captcha-script.php file, and then replace all of the content of that file with the following code below (Warning: Please backup your original file first before doing this step!):
<!--##session phpcaptcha_config##--> <!--## // Check if Use Captcha var bUseCaptcha = false; var bConfirmCaptcha = false; var EXT = EXTS("CAPTCHA"); if (EXT.Enabled) { if (CTRL.CtrlID == "register") { if (PROJ.SecRegisterCaptcha) { bUseCaptcha = true; bConfirmCaptcha = PROJ.SecRegisterConfirm; } } else if (CTRL.CtrlID == "login") { if (PROJ.SecLoginCaptcha) { bUseCaptcha = true; bConfirmCaptcha = false; } } else if (CTRL.CtrlID == "forgotpwd") { if (PROJ.SecForgotPwdCaptcha) { bUseCaptcha = true; bConfirmCaptcha = false; } } else if (CTRL.CtrlID == "changepwd") { if (PROJ.SecChangePwdCaptcha) { bUseCaptcha = true; bConfirmCaptcha = false; } } else if (CTRL.CtrlID == "add") { if (TABLE.TblAddCaptcha) { bUseCaptcha = true; bConfirmCaptcha = TABLE.TblAddConfirm; } } else if (CTRL.CtrlID == "edit") { if (TABLE.TblEditCaptcha) { bUseCaptcha = true; bConfirmCaptcha = TABLE.TblEditConfirm; } } } // Get table variable sTblVar = gsTblVar; ##--> <!--##/session##--> <!--##session phpcaptcha_var##--> <!--## if (bUseCaptcha) { ##--> // CAPTCHA var $captcha; <!--## } ##--> <!--##/session##--> <!--##session phpcaptcha_php##--> <!--## if (bUseCaptcha) { if (CTRL.CtrlID == "add" || CTRL.CtrlID == "register") { ##--> // CAPTCHA checking if ($this->CurrentAction <> "I" && $this->CurrentAction <> "C") { if ( (($this->CurrentAction == "F") || ($this->CurrentAction == "I") || ($this->CurrentAction == "A") || ($this->CurrentAction == "X")) && (MS_SHOW_CAPTCHA_ON_REGISTRATION_PAGE == TRUE) ) { $objForm->Index = -1; $this->captcha = $objForm->GetValue("captcha"); if ($this->captcha <> @$_SESSION["EW_CAPTCHA_CODE"]) { // CAPTCHA unmatched $this->setFailureMessage($Language->Phrase("EnterValidateCode")); $this->CurrentAction = "I"; // Reset action, do not insert $this->EventCancelled = TRUE; // Event cancelled $this->RestoreFormValues(); // Restore form values } else { if ($this->CurrentAction == "A") $_SESSION["EW_CAPTCHA_CODE"] = ew_Random(); } } } <!--## } else if (CTRL.CtrlID == "edit") { ##--> // CAPTCHA checking if ($this->CurrentAction <> "I") { $objForm->Index = -1; $this->captcha = $objForm->GetValue("captcha"); if ($this->captcha <> @$_SESSION["EW_CAPTCHA_CODE"]) { // CAPTCHA unmatched $this->setFailureMessage($Language->Phrase("EnterValidateCode")); // Set message $this->CurrentAction = ""; // Reset action, do not update $this->EventCancelled = TRUE; // Event cancelled $this->RestoreFormValues(); // Restore form values } else { if ($this->CurrentAction == "U") $_SESSION["EW_CAPTCHA_CODE"] = ew_Random(); } } <!--## } else if (CTRL.CtrlID == "login") { ##--> // CAPTCHA checking if (ew_IsHttpPost()) { $this->captcha = @$_POST["captcha"]; if ($this->captcha <> @$_SESSION["EW_CAPTCHA_CODE"]) { // CAPTCHA unmatched $this->setFailureMessage($Language->Phrase("EnterValidateCode")); // Set message $bValidate = FALSE; } } if (!$bValidate) { $_SESSION["EW_CAPTCHA_CODE"] = ew_Random(); } <!--## } else if (CTRL.CtrlID == "forgotpwd") { ##--> // CAPTCHA checking if (ew_IsHttpPost()) { $this->captcha = @$_POST["captcha"]; if ($this->captcha <> @$_SESSION["EW_CAPTCHA_CODE"]) { // CAPTCHA unmatched $this->setFailureMessage($Language->Phrase("EnterValidateCode")); // Set message $bValidEmail = FALSE; } } if (!$bValidEmail) { $_SESSION["EW_CAPTCHA_CODE"] = ew_Random(); } <!--## } else if (CTRL.CtrlID == "changepwd") { ##--> // CAPTCHA checking if (ew_IsHttpPost()) { $this->captcha = @$_POST["captcha"]; if ($this->captcha <> @$_SESSION["EW_CAPTCHA_CODE"]) { // CAPTCHA unmatched $this->setFailureMessage($Language->Phrase("EnterValidateCode")); // Set message $bValidate = FALSE; } } if (!$bValidate) { $_SESSION["EW_CAPTCHA_CODE"] = ew_Random(); } <!--## } } ##--> <!--##/session##--> <!--##session phpcaptcha_htm##--> <!--## if (bUseCaptcha) { ##--> <!--## if (bConfirmCaptcha) { ##--> <?php if ($<!--##=gsTblVar##-->->CurrentAction <> "F") { ?> <!--## } ##--> <!-- captcha html (begin) --> <tr> <td > </td> <td > </td> <tr/> <tr> <td colspan="3" align="center"> <?php if (phpversion() < "4.3.2") { echo "<p class=\"ewmsg\">Warning: CAPTCHA extension is enabled but PHP version on this server is " . phpversion() . " only. The extension requires PHP >= 4.3.2.</p>"; } ?> <div><img src="ewcaptcha.php" alt="Security Image" width="200" height="50" /></div><br> <span class="phpmaker"><!--##@EnterValidateCode##--><!--##@FieldRequiredIndicator##--></span><br> <input type="text" name="captcha" id="captcha" size="30" /> </td> </tr> <!--## if (bConfirmCaptcha) { ##--> <?php } else { ?> <input type="hidden" name="captcha" id="captcha" value="<?php echo $<!--##=sPageObj##-->->captcha ?>" /> <?php } ?> <!--## } ##--> <br> <!-- captcha html (end) --> <!--## } ##--> <!--##/session##--> <!--##session phpcaptcha_js##--> <!--## if (bUseCaptcha) { ##--> if (fobj.captcha && !ew_HasValue(fobj.captcha)) return ew_OnError(this, fobj.captcha, ewLanguage.Phrase("EnterValidateCode")); <!--## } ##--> <!--##/session##--> -
Open your \Script\ewcfg.php file, and find this code:
// General
before that line, please insert the following code:
// Begin of modification Customizing Forgot Password Page, by Masino Sinaga, May 3, 2012 define("MS_SHOW_CAPTCHA_ON_FORGOT_PASSWORD_PAGE", TRUE, TRUE); // End of modification Customizing Forgot Password Page, by Masino Sinaga, May 3, 2012 -
Open your \Script\forgotpwd.php file, and then replace all the content of that file with the following code. Just like Login and Registration pages, this Forgot Password page also does not change for a long time, so it's save to do the following step. Howerver, Warning: Please backup your file before doing this step!:
<!--##session currenttable##--> <!--## // Set security table current and email field if (ew_IsNotEmpty(PROJ.SecTbl)) { TABLE = DB.Tables(PROJ.SecTbl); gsTblVar = TABLE.TblVar; goFlds = goTblFlds.Fields; if (ew_IsNotEmpty(PROJ.SecEmailFld)) { if (GetFldObj(PROJ.SecEmailFld)) { sEmailFld = gsFld; sEmailFldType = GetFieldTypeName(goFld.FldType); if (goFld.FldTagSize > 0) { sEmailFldTagSize = " size=\"" + goFld.FldTagSize + "\""; } else { sEmailFldTagSize = ""; } if (goFld.FldTagMaxLength > 0) { sEmailFldTagMaxLength = " maxlength=\"" + goFld.FldTagMaxLength + "\""; } else { sEmailFldTagMaxLength = ""; } } } } ##--> <!--##/session##--> <?php <!--##session phpmain##--> <!--##include captcha-script.php/phpcaptcha_var##--> var $Email = ""; // // Page main // function Page_Main() { global $conn, $Language, $gsFormError; $bPostBack = ew_IsHttpPost(); $bValidEmail = FALSE; if ($bPostBack) { // Setup variables $this->Email = $_POST["email"]; $bValidEmail = $this->ValidateForm($this->Email); } if (MS_SHOW_CAPTCHA_ON_FORGOT_PASSWORD_PAGE == TRUE) { <!--##include captcha-script.php/phpcaptcha_php##--> } if ($bPostBack) { if ($bValidEmail) { $bEmailSent = FALSE; // Set up filter (SQL WHERE clause) and get Return SQL // SQL constructor in <!--##=gsTblVar##--> class, <!--##=gsTblVar##-->info.php $sFilter = str_replace("%e", ew_AdjustSql($this->Email), EW_USER_EMAIL_FILTER); $this->CurrentFilter = $sFilter; $sSql = $this->SQL(); if ($RsUser = $conn->Execute($sSql)) { if (!$RsUser->EOF) { $rsold = $RsUser->fields; $bValidEmail = TRUE; <!--## if (SYSTEMFUNCTIONS.ServerScriptExist("Other","User_RecoverPassword")) { ##--> // Call User Recover Password event $bValidEmail = $this->User_RecoverPassword($rsold); <!--## } ##--> if ($bValidEmail) { $sUserName = $rsold['<!--##=SQuote(PROJ.SecLoginIDFld)##-->']; $sPassword = $rsold['<!--##=SQuote(PROJ.SecPasswdFld)##-->']; if (EW_ENCRYPTED_PASSWORD) { $sPassword = substr($sPassword, 0, 16); // Use first 16 characters only $rsnew = array('<!--##=SQuote(PROJ.SecPasswdFld)##-->' => $sPassword); // Reset the password $conn->Execute($this->UpdateSQL($rsnew)); } } } else { $bValidEmail = FALSE; $this->setFailureMessage($Language->Phrase("InvalidEmail")); } if ($bValidEmail) { $Email = new cEmail(); $Email->Load("<!--##=sFnForgotPwdTxt##-->"); $Email->ReplaceSender(EW_SENDER_EMAIL); // Replace Sender $Email->ReplaceRecipient($this->Email); // Replace Recipient $Email->ReplaceContent('<!--$UserName-->', $sUserName); $Email->ReplaceContent('<!--$Password-->', $sPassword); $Email->Charset = EW_EMAIL_CHARSET; <!--## if (SYSTEMFUNCTIONS.ServerScriptExist("Other","Email_Sending")) { ##--> $Args = array(); $Args["rs"] = &$rsnew; if ($this->Email_Sending($Email, $Args)) $bEmailSent = $Email->Send(); <!--## } else { ##--> $bEmailSent = $Email->Send(); <!--## } ##--> } $RsUser->Close(); } if ($bEmailSent) { if ($this->getSuccessMessage() == "") $this->setSuccessMessage($Language->Phrase("PwdEmailSent")); // Set up success message $this->Page_Terminate("<!--##=sFnLogin##-->"); // Return to login page } elseif ($bValidEmail) { $this->setFailureMessage($Language->Phrase("FailedToSendMail")); // Set up error message } } else { $this->setFailureMessage($gsFormError); } } } <!--##/session##--> ?> <!--##session forgotpwd_htm##--> <script type="text/javascript"> var <!--##=sFormName##--> = new ew_Form("<!--##=sFormName##-->"); // extend page with Validate function <!--##=sFormName##-->.Validate = function() { var fobj = this.Form; if (!this.ValidateRequired) return true; // ignore validation if (!ew_HasValue(fobj.email)) return ew_OnError(this, fobj.email, ewLanguage.Phrase("EnterValidEmail")); if (!ew_CheckEmail(fobj.email.value)) return ew_OnError(this, fobj.email, ewLanguage.Phrase("EnterValidEmail")); <!--##include captcha-script.php/phpcaptcha_js##--> <!--## if (SYSTEMFUNCTIONS.ClientScriptExist("Other","Form_CustomValidate")) { ##--> // Call Form Custom Validate event if (!this.Form_CustomValidate(fobj)) return false; <!--## } ##--> return true; } <!--## if (SYSTEMFUNCTIONS.ClientScriptExist("Other","Form_CustomValidate")) { ##--> // extend form with Form_CustomValidate function <!--##=sFormName##-->.Form_CustomValidate = <!--##~SYSTEMFUNCTIONS.GetClientScript("Other","Form_CustomValidate")##--> <!--## } ##--> // requires js validation <?php if (EW_CLIENT_VALIDATE) { ?> <!--##=sFormName##-->.ValidateRequired = true; <?php } else { ?> <!--##=sFormName##-->.ValidateRequired = false; <?php } ?> </script> <br /><br /> <!--##include phpcommon.php/header-message##--> <!--##include phpcommon.php/phpcommon-message##--> <body onload="document.<!--##=sFormName##-->.email.focus()"> <form name="<!--##=sFormName##-->" id="<!--##=sFormName##-->" class="ewForm" action="<?php echo ew_CurrentPage() ?>" method="post"<!--##=sFormSubmit##-->> <table border="0" cellpadding="0" cellspacing="0" width="400" align="center"> <tr> <td> <table border="0" cellpadding="0" cellspacing="0" width="420" align="center"> <tr> <td align="left" valign="top" width="4" height="30"><img src="phpimages/sidebox-title-left.gif"></td> <td align="left" valign="middle" background="phpimages/sidebox-title-bg.gif" width="390" height="30"> <font class="option"> <strong><!--##@RequestPwdPage##--></strong></font> </td> <td align="left" valign="top" width="4" height="30"><img src="phpimages/sidebox-title-right.gif"></td> </tr> </table> </td> </tr> </table> <table border="0" cellpadding="0" cellspacing="0" align="center"> <tr valign="top"> <td width="4" align="left" valign="top" background="phpimages/sidebox-bar-left.gif"><img src="phpimages/sidebox-bar-px.gif"></td> <td bgcolor="#FFFFFF" width="" align="left" valign="top"> <table bgcolor="#F0F1F5" border="0" cellpadding="0" cellspacing="0" align="center"> <tr> <td> <table width="412" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td> </td> <td> </td> <td> </td> <tr/> <tr> <td> </td> <td> </td> <td> </td> <tr/> <tr> <td width="30%"> <span class="phpmaker"><!--##@UserEmail##--></span></td> <td width="5%"> </td> <td width="65%"><span class="phpmaker"><input type="text" name="email" id="email" value="<?php ew_HtmlEncode($<!--##=sPageObj##-->->Email) ?>" <!--##=sEmailFldTagSize##--><!--##=sEmailFldTagMaxLength##-->" /></span></td> </tr> <tr> <td> </td> <td> </td> <td> </td> </tr> <?php if (MS_SHOW_CAPTCHA_ON_FORGOT_PASSWORD_PAGE == TRUE) { ?> <!--##include captcha-script.php/phpcaptcha_htm##--> <?php } ?> <tr> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td> </td> <td><span class="phpmaker"><input type="submit" name="btnsubmit" id="btnsubmit" value="<?php echo ew_BtnCaption($Language->Phrase("SendPwd")) ?>" /></span></td> </tr> <tr> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td> </td> <td> </td> </tr> </table> </td> </tr> </table> </td> <td width="4" align="left" valign="top" background="phpimages/sidebox-bar-right.gif"><img src="phpimages/sidebox-bar-px.gif"></td> </tr> </table> <table border="0" cellpadding="0" cellspacing="0" width="420" align="center"> <tr> <td width="2" height="29" align="left" valign="top"><img src="phpimages/storybox-bottom-left.gif"></td> <td width="394" height="29" background="phpimages/storybox-bottom-bg.gif"> <a href="<!--##=sFnLogin##-->"><!--##@BackToLogin##--></a></td> <td width="8" height="29" align="left" valign="top"><img src="phpimages/storybox-bottom-right.gif"></td> </tr> </table> </form> </body> <br /> <script type="text/javascript"> <!--##=sFormName##-->.Init(); </script> <!--##include phpcommon.php/footer-message##--> <!--##/session##--> <?php <!--##session phpfunction##--> // // Validate form // function ValidateForm($email) { global $gsFormError, $Language; // Initialize form error message $gsFormError = ""; // Check if validation required if (!EW_SERVER_VALIDATE) return TRUE; if ($email == "") { ew_AddMessage($gsFormError, $Language->Phrase("EnterValidEmail")); } if (!ew_CheckEmail($email)) { ew_AddMessage($gsFormError, $Language->Phrase("EnterValidEmail")); } // Return validate result $ValidateForm = ($gsFormError == ""); <!--## if (SYSTEMFUNCTIONS.ServerScriptExist("Other","Form_CustomValidate")) { ##--> // Call Form Custom Validate event $sFormCustomError = ""; $ValidateForm = $ValidateForm && $this->Form_CustomValidate($sFormCustomError); if ($sFormCustomError <> "") { ew_AddMessage($gsFormError, $sFormCustomError); } <!--## } ##--> return $ValidateForm; } <!--##/session##--> ?> <?php <!--##session phpevents##--> <!--##~SYSTEMFUNCTIONS.GetServerScript("Other","Email_Sending")##--> <!--##~SYSTEMFUNCTIONS.GetServerScript("Other","Form_CustomValidate")##--> <!--##~SYSTEMFUNCTIONS.GetServerScript("Other","User_RecoverPassword")##--> <!--##/session##--> ?> -
Please note that since PHPMaker 9.0.4, there was a little bit change in this forgotpwd.php file. After you replacing all of the content of this file in the previous step above, then find this following code (again, this customization only for PHPMaker >= 9.0.4):
$conn->Execute($this->UpdateSQL($rsnew));then replace it with the following code:
// $conn->Execute($this->UpdateSQL($rsnew)); // Old method? <= 9.0.3 $this->Update($rsnew); // Started from PHPMaker 9.0.4 -
Important: please implement this customization in order to prevent error undefined property sEmail. - Finally, re-generate your script files using PHPMaker as always. 🙂
[/hidepost]
Leave a Reply
You must be logged in to post a comment.