Jump to content

[SOLVED] Odd 404 behavior when customer clicks on "forgot password"


tivicrdotcom

Recommended Posts

Hello fellow geeks, so there has been a couple of complaints from customers who had forgotten their password, no problem, they simply click on the "forgot password" link and help in on the way right?

We did some testing and indeed the customer receives the email to reset the password, the link provided seems fine but if I click on it, we land on the 404 error page. I notice that if I copy and paste the link works just fine. If I rest my mouse on the link received by email, I notice that it adds the address to my log in for the BO so it obviously throws that 404 not found page error as no address exists that way.

So for example, the received link is something like this:

http://www.tivicr.com/store/es/password-recovery?token=.....

When you rest the mouse it displays this:

www.tivicr.com/store/admin/http://www.tivicr.com/store/es/password-recovery?token=.....

I initially thought that the problem could have been caused because I was logged in as an administrator hence the reason the system added the "admin" part before so I created another user and this time when clicked on the "forgot password" link I received a reminder of what the password was (weird because it wasn't doing that before) but then received another email to reset the password although it had the same problem ending up on not found 4040 error.

Ha anybody experienced this before?
 

I am running 1.6.1.7

Edited by tivicrdotcom (see edit history)
Link to comment
Share on other sites

  • 8 months later...

Ok so I cracked it. In my case, which was the reason why I started the thread, the customer forgot the password, asked for another one, received the email and the link on it (to recover it), contained my main domain name followed by {url}. so it was pretty much duplicating (sort of) the domains and resulting obviously on the 404 error.

It was fixed by simply accessing the email templates, password query, open, edit it with html and click on the {url} link, edit it, and in my case I saw it had that format (domain+{url}. I deleted the domain part and left only {url} which I believe inherits the cookie and voilà, customer now clicks on email and received change confirmation. You're welcome!

Cheers, AJ

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...