Password and Register Issues?

[Hwona]

Hello! Well, i've been running into a few issues lately with v.1.3.3

I've been attempting to reset my password for my site, but when I do, the browser displays "this webpage is not available" with a dead page image... the page only appears after the new password is submitted.

I also can't edit user passwords through the acp. The passwords can't be used to log in.

As for registering, this message pops up on the site body: Database error 1054 - Unknown column 'about' in 'field list'

Would anyone help me?

account.php:

<?php

class AccountController extends AppController{

	private $view;
	private $subController;

    public function __construct(){
        parent::__construct("member");	
    }
	
	public function index(){
	    $mysidia = Registry::get("mysidia");
		$document = $mysidia->frame->getDocument();
        $document->setTitle($mysidia->user->username.$mysidia->lang->title);
        $document->addLangvar($mysidia->lang->manage, TRUE);
   
        $settings = new Comment("Account Settings");
        $settings->setBold();
        $settings->setUnderlined();
        $document->add(new Comment);
        $document->add($settings);
   
        $document->add(new Link("myadopts", "Manage Adoptables", TRUE));
        $document->add(new Link("profile/view/{$mysidia->user->username}", "View Profile", TRUE));
        $document->add(new Link("account/password", "Change Password", TRUE));
        $document->add(new Link("account/email", "Change Email Address", TRUE));
        $document->add(new Link("account/friends", "View and Manage FriendList", TRUE));
        $document->add(new Link("account/profile", "More Profile Settings", TRUE));
        $document->add(new Link("account/contacts", "Change Other Settings"));	
	}
	
	public function password(){
		$mysidia = Registry::get("mysidia");
		$document = $mysidia->frame->getDocument();
		
	    if($mysidia->input->post("submit")){
		    $newsalt = codegen(15,0);
            $newpass1 = passencr($mysidia->user->username, $mysidia->input->post("np1"), $newsalt);
            $newpass2 = passencr($mysidia->user->username, $mysidia->input->post("np2"), $newsalt);
            $userdata = $mysidia->db->select("users", array("uid", "username", "password", "salt", "session"), "username='{$mysidia->user->username}'")->fetchObject();	
            $currentpass = passencr($userdata->username, $mysidia->input->post("cpass"), $userdata->salt);
  
            if($currentpass != $userdata->password){
                $document->setTitle($mysidia->lang->password_error_title);
	            $document->addLangvar($mysidia->lang->password_current);
            }
            elseif($newpass1 != $newpass2){
                $document->setTitle($mysidia->lang->password_error_title);
                $document->addLangvar($mysidia->lang->password_new);  
            }
            elseif(!$mysidia->input->post("np1") or !$mysidia->input->post("np2")){
                $document->setTitle($mysidia->lang->password_blank_title);
                $document->addLangvar($mysidia->lang->password_blank);  
            }
            else{
	            $mysidia->db->update("users", array("password" => $newpass1, "salt" => $newsalt), "username='{$mysidia->user->username}' AND password='{$currentpass}'");	 
                $mysidia->cookies->deletecookies();
  	            $document->setTitle($mysidia->lang->password_updated_title);
	            $document->addLangvar($mysidia->lang->password_updated, TRUE);	 
            }
            return;			
		}
	
		$document->setTitle($mysidia->lang->password_title);
        $document->addLangvar($mysidia->lang->password);
						  
        $formbuilder = new FormBuilder("password", "password", "post");
        $formbuilder->buildComment("Your Current Password: ", FALSE)
                    ->buildPasswordField("password", "cpass", "", TRUE)
			        ->buildComment("Your New Password: ", FALSE)
			        ->buildPasswordField("password", "np1", "", TRUE)
			        ->buildComment("Confirm Your Password: ", FALSE)
			        ->buildPasswordField("password", "np2", "", TRUE)
			        ->buildPasswordField("hidden", "action", "password")
                    ->buildComment("")
			        ->buildButton("Change Password", "submit", "submit");
        $document->add($formbuilder);
	}
	
	public function email(){
	    $mysidia = Registry::get("mysidia");
		$document = $mysidia->frame->getDocument();
		
	    if($mysidia->input->post("submit")){
		    $validator = new UserValidator($mysidia->user, array("email" => $mysidia->input->post("email")));
            $validator->validate("email");
			
            if(!$validator->triggererror()){
  	            $mysidia->db->update("users", array("email" => $mysidia->input->post("email")), "username = '{$mysidia->user->username}'");
	            $document->setTitle($mysidia->lang->email_update_title);
	            $document->addLangvar($mysidia->lang->email_update);
            }
            else{
                $document->setTitle($mysidia->lang->email_invalid_title);
	            $document->addLangvar($mysidia->lang->email_invalid);
            }
		    return;
		}
		
		$document->setTitle($mysidia->lang->email_title);
        $document->addLangvar($mysidia->lang->email, TRUE);

        $formbuilder = new FormBuilder("email", "email", "post");
        $formbuilder->buildComment("New Email Address: ", FALSE)
                    ->buildPasswordField("email", "email")
			        ->buildPasswordField("hidden", "action", "changeemail", TRUE)
			        ->buildButton("Update Email Address", "submit", "submit");
        $document->add($formbuilder); 		
	}
	
	public function friends(){
		$mysidia = Registry::get("mysidia");
		$document = $mysidia->frame->getDocument();
	    $friendlist = new Friendlist($mysidia->user); 
        $document->setTitle($mysidia->user->username.$mysidia->lang->friendlist);
   
        $document->add(new Paragraph(new Comment("You currently have {$friendlist->gettotal()} friends.")));
        $document->add(new Link("friends/edit", "Vire My Friend Request", TRUE));
        $document->add(new Link("friends/option", "Set Friend-based Options", TRUE));				
        $friendlist->display();
	}
	
	public function profile(){
		$mysidia = Registry::get("mysidia");
		$document = $mysidia->frame->getDocument();
		$profile = $mysidia->user->getprofile();
        
	    if($mysidia->input->post("submit")){
		    $mysidia->db->update("users_profile", array("avatar" => $mysidia->input->post("avatar"), "nickname" => $mysidia->input->post("nickname"), "gender" => $mysidia->input->post("gender"), "color" => $mysidia->input->post("color"), "bio" => $mysidia->input->post("bio"), "favpet" => $mysidia->input->post("favpet")), "username = '{$mysidia->user->username}'");
            $document->setTitle($mysidia->lang->profile_updated_title);
            $document->addLangvar($mysidia->lang->profile_updated);
			return;
		}
		
	    $document->setTitle($mysidia->lang->profile_title);  
        if(!($profile instanceof UserProfile)) $document->addLangvar("The user profile does not exist...");
        elseif($mysidia->user->uid != $profile->uid) $document->addLangvar("It appears that you do not have permission to edit this user profile...");
        else{
		    $document->addLangvar($mysidia->lang->profile);
            $profileForm = new Form("profile", "profile", "post");
	        $formTitle = new Comment("Profile Details: ");
            $formTitle->setBold();
	        $formTitle->setUnderlined();
	   
	        $profileForm->add($formTitle);
	        $profileForm->add(new Comment("Avatar: ", FALSE));
	        $profileForm->add(new TextField("avatar", $profile->getAvatar()));
	        $profileForm->add(new Comment("Nickname: ", FALSE));
	        $profileForm->add(new TextField("nickname", $profile->getNickname()));
	        $profileForm->add(new Comment("Gender: "));
	     
	        $genderList = new RadioList("gender");
	        $genderList->add(new RadioButton("Male", "gender", "male"));
	        $genderList->add(new RadioButton("Female", "gender", "female"));
	        $genderList->add(new RadioButton("Unknown", "gender", "unknown"));
	        $genderList->check($profile->getGender());
	   
	        $profileForm->add($genderList);
	        $profileForm->add(new Comment("Favorite Color", FALSE));
	        $profileForm->add(new TextField("color", $profile->getColor()));
	        $profileForm->add(new Comment("Bio: "));
	        $profileForm->add(new TextArea("bio", $profile->getBio()));
	        $profileForm->add(new Comment($lang->bio));
	   
	        $petSpotLight = new Comment("Pet Spotlight Details: ");
                $petSpotLight->setBold();
	        $petSpotLight->setUnderlined();
	        $profileForm->add($petSpotLight);
	        $profileForm->add(new Comment("Favorite Pet: ", FALSE));
	   
	        $favPet = new DropdownList("favpet");
	        $ids = $mysidia->db->select("owned_adoptables", array("aid"), "owner = '{$mysidia->user->username}' && currentlevel >= 6")->fetchAll(PDO::FETCH_COLUMN);	
	        $names = $mysidia->db->select("owned_adoptables", array("name"), "owner = '{$mysidia->user->username}' && currentlevel >= 6")->fetchAll(PDO::FETCH_COLUMN);
	        $favPet->add(new Option("None Selected", "none"));
                $favPet->fill($names, $ids, $profile->getFavpetID());
	        $profileForm->add($favPet);
	        $profileForm->add(new PasswordField("hidden", "action", "moreprofile"));
	        $profileForm->add(new Button("Edit My Profile", "submit", "submit"));
	        
	        $document->add($profileForm);
        }
	}
	
	public function contacts(){
	    $mysidia = Registry::get("mysidia");
		$document = $mysidia->frame->getDocument();
		
	    if($mysidia->input->post("submit")){
		    $newmsgnotify = ($mysidia->input->post("newmsgnotify") == 1)?1:0;
            $mysidia->db->update("users_options", array("newmessagenotify" => $newmsgnotify), "username='{$mysidia->user->username}'");
            $mysidia->db->update("users_contacts", array("website" => $mysidia->input->post("website"), "facebook" => $mysidia->input->post("facebook"), "twitter" => $mysidia->input->post("twitter"), "aim" => $mysidia->input->post("aim"), "yahoo" => $mysidia->input->post("yim"), "msn" => $mysidia->input->post("msn"), "skype" => $mysidia->input->post("skype")), "username = '{$mysidia->user->username}'");

            $document->setTitle($mysidia->lang->settings_updated_title);
            $document->addLangvar($mysidia->lang->settings_updated);
		    return;
		}
		
		$document->setTitle($mysidia->lang->settings_title);
        $document->addLangvar($mysidia->lang->settings);
  
        // First grab properties for user contacts and options
        $contacts = $mysidia->user->getcontacts();
        $options = $mysidia->user->getoptions();
   
        // Then show the edit settings page
        $optionsForm = new Form("contacts", "contacts", "post");
        $optionsForm->add(new CheckBox(" Notify me via email when I receive a new message or reward code", "newmsgnotify", 1, $options->newmessagenotify));
        $details = new Comment("Publically Viewable Details: ");
        $details->setUnderlined();
   
        $optionsForm->add($details);
        $sites = array("website", "facebook", "twitter");
        $ims = array("msn", "aim", "yim", "skype");
        $contactsList = array_merge($sites, $ims);
        foreach($contactsList as $contact){
            $comment = (in_array($contact, $sites))?new Comment("{$contact} Address:", FALSE):new Comment("{$contact} Username:", FALSE);
	        $optionsForm->add($comment);
	        $optionsForm->add(new TextField($contact, $contacts->$contact));   
        } 
   
        $optionsForm->add(new PasswordField("hidden", "action", "changesettings"));
        $optionsForm->add(new Button("Change Settings", "submit", "submit"));
        $document->add($optionsForm);	
	}
}
?>

register.php:

<?php

class RegisterController extends AppController{

    private $view;
	private $subController;

    public function __construct(){
        parent::__construct("guest");
    }
	
	public function index(){
	    $mysidia = Registry::get("mysidia");
		$document = $mysidia->frame->getDocument();
		
	    if($mysidia->input->post("submit")){
		    $mysidia->session->validate("register");
			
            $validinput = array("username" => $mysidia->input->post("username"), "password" => $mysidia->input->post("pass1"), "email" => $mysidia->input->post("email"), "birthday" => $mysidia->input->post("birthday"), 
                                "ip" => $mysidia->input->post("ip"), "answer" => $mysidia->input->post("answer"), "tos" => $mysidia->input->post("tos"));
            $validator = new RegisterValidator($mysidia->user, $validinput);
            $validator->validate();
  
            if(!$validator->triggererror()){
	            $mysidia->user->register();
				$document->setTitle($mysidia->lang->success_title);
                $document->addLangvar($mysidia->lang->success.$mysidia->input->post("username").$mysidia->lang->success2);	
				
				include("inc/config_forums.php");
	            if($mybbenabled == 1){
                    include_once("functions/functions_forums.php");   
                    mybbregister();
                    mybbrebuildstats();
                }
	            $mysidia->user->login($mysidia->input->post("username"));
            }
            else{
                $document->setTitle($mysidia->lang->global_error);
                $document->addLangvar($validator->triggererror());
            }
  
			$mysidia->session->terminate("register");
			return;
		}

		$mysidia->session->assign("register", 1, TRUE);		
        $document->setTitle($mysidia->lang->title);
        $document->addLangvar($mysidia->lang->default);		
		$registerForm = new Form("regform", "", "post");
		
		$requiredField = new FieldSet("required");
		$requiredField->add(new Legend("Required Info"));
		$requiredField->add(new Comment("Username: ", FALSE, "b"));
        $requiredField->add(new Comment("Your username may be up to 20 characters long with letters, numbers and spaces only."));
        $requiredField->add(new TextField("username"));
        $requiredField->add(new Comment("Password: ", FALSE, "b"));
        $requiredField->add(new Comment("Your password may be up to 20 characters long and may contain letters, numbers, spaces and special characters. The use of a special character, such as * or ! is recommended for increased security. "));
        $requiredField->add(new Comment("Enter Password ", FALSE));
		$requiredField->add(new PasswordField("password", "pass1", "", FALSE));
        $requiredField->add(new Comment(" Confirm Password ", FALSE));
        $requiredField->add(new PasswordField("password", "pass2", "", TRUE));
        $requiredField->add(new Comment("Email Address: ", FALSE, "b"));
        $requiredField->add(new Comment("Enter a valid email address for yourself."));
        $requiredField->add(new PasswordField("email", "email", "", TRUE));
        $registerForm->add($requiredField);

        $additionalField = new FieldSet("additional");
        $additionalField->add(new Legend("Additional Info"));
        $additionalField->add(new Comment("Birthday: ", FALSE, "b"));
        $additionalField->add(new Comment("(mm/dd/yyyy)"));	
        $additionalField->add(new TextField("birthday"));
		$additionalField->add(new Comment("Avatar: ", FALSE, "b"));
        $additionalField->add(new Comment("Enter the url of your avatar beginning with http://www."));	
        $additionalField->add(new TextField("avatar", "templates/icons/default_avatar.gif"));
		$additionalField->add(new Comment("Nickname: ", FALSE, "b"));
        $additionalField->add(new Comment("A nickname for yourself, do not use inappropriate words! "));	
        $additionalField->add(new TextField("nickname"));
		$additionalField->add(new Comment("Gender: ", FALSE, "b"));
        $additionalField->add(new Comment("Male, Female or Not specified"));

        $genderList = new RadioList("gender");	
		$genderList->add(new RadioButton("Male", "gender", "male"));
        $genderList->add(new RadioButton("Female", "gender", "female"));
        $genderList->add(new RadioButton("Unknown", "gender", "unknown"));
        $genderList->check("unknown");
        $additionalField->add($genderList);

		$additionalField->add(new Comment("Favorite Color: ", FALSE, "b"));
        $additionalField->add(new Comment("Your favorite color. Red, Yellow, Blue, who knows? "));	
        $additionalField->add(new TextField("color"));
		$additionalField->add(new Comment("Biography: ", FALSE, "b"));
        $additionalField->add(new Comment("Enter a bio for yourself, if you want to."));	
        $additionalField->add(new TextArea("bio", "", 4, 50));
		$registerForm->add($additionalField);
		
		$securityField = new FieldSet("security");
		$securityField->add(new Legend("Anti-Spam Security Question"));
		$securityField->add(new Comment("Question: ", FALSE, "b"));
		$securityField->add(new Comment($mysidia->settings->securityquestion));
		$securityField->add(new Comment("Answer: ", FALSE, "b"));
		$securityField->add(new TextField("answer"));
		$securityField->add(new CheckBox("I agree to the <a href='tos' target='_blank'>Terms of Service", "tos", "yes"));
		$securityField->add(new PasswordField("hidden", "ip", $_SERVER['REMOTE_ADDR'], TRUE));
		$securityField->add(new Button("Register", "submit", "submit"));
		$registerForm->add($securityField);
		$document->add($registerForm);
	}              
}
?>

registervalidator:

<?php

class RegisterValidator extends UserValidator{
  // The register validator for user and usergroup system
    
  public function __construct(User $user, $value = array(), $action = ""){	  
	  parent::__construct($user, $value, $action);
  }
  
  public function validate($action = "", $data = ""){
      // The core method validate, it acts like a controller and sends requests to different private methods based on the action
	
	  $validarray = array("username", "password", "email", "birthday", "ip", "tos", "answer");
	  
	  // For RegisterValidator, the validator methods will be executed all at once
	  foreach($this->value as $key => $var){
	     $method = "{$key}validate";
		 if(in_array($key, $validarray)) $this->$method($var);
	     else throw new Exception('Validation action invalid...');

         if(!empty($this->error)) return FALSE;
	  }
  }
    
  protected function usernamevalidate($username = ""){
      // The username validator, note its a bit complicate here due to the different mechanism of username check for register and other validators
      $lang = Registry::get("lang");
	  if(!$this->emptyvalidate($username)){
         $this->seterror("The field Username is Empty.");
         return FALSE;
      }
	  $username = (empty($username))?$this->value['username']:$username;	  
	  $userexist = $this->datavalidate("users", array("username"), "username = '{$username}'");
	  if($userexist == TRUE){
         $this->seterror($lang->user);
		 return FALSE;
      }
      else return TRUE;
  }
  
  protected function passwordvalidate($password = ""){ 
      $mysidia = Registry::get("mysidia");  
      if(!$this->emptyvalidate($this->value['password'])){
         $this->seterror("The field Password is empty.");
         return FALSE;   
      }
	  elseif(!$this->emptyvalidate($mysidia->input->post("pass2"))){
         $this->seterror("The field Confirmed Password is Empty.");
      }
      elseif(!$this->matchvalidate($this->value['password'], $mysidia->input->post("pass2"))){
		 $this->seterror($mysidia->lang->match);
	     return FALSE;
	  }
	  else return TRUE;
  }

  protected function emailvalidate($email = ""){
      $lang = Registry::get("lang");
      $email = (empty($email))?$this->value['email']:$email;	
      $this->emptyvalidate($email);
      $regex = '/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i';
      if(!$this->matchvalidate($regex, $email, "preg_match")){
	     $this->seterror($lang->email);
		 return FALSE;
	  }
      else return TRUE;
  }
     
  protected function birthdayvalidate($birthday = ""){
      $lang = Registry::get("lang");
      if(empty($this->value['birthday'])){
	     $this->seterror($lang->birthday, TRUE);
		 return FALSE;
	  }
	  else return TRUE;
  }

  protected function answervalidate($answer = ""){
      $mysidia = Registry::get("mysidia");
      if(!$this->matchvalidate($this->value['answer'], $mysidia->settings->securityanswer)){
	     $this->seterror($mysidia->lang->question);
		 return FALSE;
	  }
	  else return TRUE;
  }
  
  protected function tosvalidate($tos = ""){
      $lang = Registry::get("lang");
      $tos = (empty($tos))?$this->value['tos']:$tos;
      if($tos != "yes"){
	     $this->seterror($lang->tos);
		 return FALSE;	     
	  }
	  else return TRUE;
  }
 
}
?>

 

[Hwona]

Hi! I still need help with this. Edit: I just need to know which files impact user registration...

 

[Hall of Famer]

Well it seems to me that you are trying to insert some invalid data to your database, did you modify the database table or class file classes/class_visitor.php?

 

[Hwona]

Re

Well it seems to me that you are trying to insert some invalid data to your database, did you modify the database table or class file classes/class_visitor.php?

Thank you so much for the response! I found the cause of the problem (and a temporary and unideal fix). Apparently, the script was adding a column called 'about' into the database. I didn't favpet bios, so I took out the column. Unfortunately, it seems that somewhere deep in Mysidia, the script has been inserting into this non-existen column - and I can't find the file for that.

Thanks again! :3

 

[Hall of Famer]

I see, glad you fixed the issue. Anyway its necessary to be very careful when you edit script files that deal with database operations, especially with insert and update actions. In future releases the database operations will be encapsulated in mapper/repository classes, so all you will need is to edit one file and be done with it, no need to hunt down all SQL queries that you need to change.

 

[Hwona]

I see, glad you fixed the issue. Anyway its necessary to be very careful when you edit script files that deal with database operations, especially with insert and update actions. In future releases the database operations will be encapsulated in mapper/repository classes, so all you will need is to edit one file and be done with it, no need to hunt down all SQL queries that you need to change.

Thank would be great! Actually HOF, where DOES Mysidia insert all the registration data? I found the register() function in the user class, but I couldn't find the source of the function.

 

[Hall of Famer]

Well User is an abstract class, so the register() method is left empty. You should look for the Visitor Class then, its for all guest users and has an implemented register() method, which should look like this(in Mys v1.3.4 of course, but I dont think its much different in Mys v1.3.3):

  public function register(){
      // Will be added in future
      $mysidia = Registry::get("mysidia");
      $date = new DateTime;
      $salt = codegen(15);
      $password = passencr($mysidia->input->post("username"), $mysidia->input->post("pass1"), $salt);
      // Insert the very first row of data for user registration
      $mysidia->db->insert("users", array("uid" => NULL, "username" => $mysidia->input->post("username"), "salt" => $salt, "password" => $password, "session" => NULL, "email" => $mysidia->input->post("email"), "ip" => $_SERVER['REMOTE_ADDR'], 
                                     "usergroup" => 3, "birthday" => $mysidia->input->post("birthday"), "membersince" => $date->format('Y-m-d'), "money" => $mysidia->settings->startmoney, "friends" => NULL));
      $uid = $mysidia->db->select("users", array("uid"), "username = '{$mysidia->input->post("username")}'")->fetchColumn();
      
      // Now update the session
      $myssession = md5($uid.$mysidia->session->getid());
      $mysidia->db->update("users", array("session" => $myssession), "uid = '{$uid}'");    

      // Insert user data to the other tables
      $mysidia->db->insert("users_contacts", array("uid" => $uid, "username" => $mysidia->input->post("username"), "website" => NULL, "facebook" => NULL, "twitter" => NULL, 
                                               "aim" => NULL, "yahoo" => NULL, "msn" => NULL, "skype" => NULL));
    
      $mysidia->db->insert("users_options", array("uid" => $uid, "username" => $mysidia->input->post("username"), "newmessagenotify" => 1, "pmstatus" => 0, 
                                              "vmstatus" => 0, "tradestatus" => 0, "theme" => $mysidia->settings->theme));

      $mysidia->db->insert("users_profile", array("uid" => $uid, "username" => $mysidia->input->post("username"), "avatar" => $mysidia->input->post("avatar"), "bio" => $mysidia->input->post("bio"), "color" => $mysidia->input->post("color"), 
                                              "about" => NULL, "favpet" => 0, "gender" => $mysidia->input->post("gender"), "nickname" => $mysidia->input->post("nickname")));                                              
    
      $mysidia->db->insert("users_status", array("uid" => $uid, "username" => $mysidia->input->post("username"), "canlevel" => 'yes', "canvm" => 'yes', "canfriend" => 'yes', 
                                             "cantrade" => 'yes', "canbreed" => 'yes', "canpound" => 'yes', "canshop" => 'yes'));        
  }

In this method, you should see this line:

      $mysidia->db->insert("users_profile", array("uid" => $uid, "username" => $mysidia->input->post("username"), "avatar" => $mysidia->input->post("avatar"), "bio" => $mysidia->input->post("bio"), "color" => $mysidia->input->post("color"), 
                                              "about" => NULL, "favpet" => 0, "gender" => $mysidia->input->post("gender"), "nickname" => $mysidia->input->post("nickname")));

This line inserts user record into table prefix_users_profile. You need to remove the part for data field 'about', and it will fix your problem.

 

[Hwona]

Thanks a bunch!