Announcement

Collapse
No announcement yet.

Quick fix for the reset-password page being inaccessible to logged out users in a private forum

Collapse
X
Collapse
First Prev Next Last
 
  • Page of 3
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 template Next
  • gimsy
    replied
    Originally posted by Felix2 View Post
    Why this is not working for Gimsy I also do not know.
    Perhaps Gimsy can post a copy of his route.php file, or just the line, for review and comparison. May just be a typo.


    Code:
    /**
 * vB_Api_Route
 *
 * @package vBApi
 * @access public
 */
class vB_Api_Route extends vB_Api
{
    protected $whitelistPrefix = array('help', 'contact-us', 'lostpw', 'register', 'activateuser', 'activateemail', 'admincp', 'reset-password');
    protected $whitelistRoute = array('admincp', 'auth/login');

    protected $disableWhiteList = array('getRoute', 'getUrls', 'preloadRoutes');

    protected function __construct()
    {
        parent::__construct();
    }
    • Top
    • Translate
    • Bottom

    Leave a comment:

  • formiano
    replied
    @ Felix2 the post above, it is the confirmation of what he writes.
    vBulletin 5 Connect costs $ 249.00 and this is not a beautiful thing.
    • Top
    • Translate
    • Bottom

    Leave a comment:

  • glennrocksvb
    replied
    Originally posted by formiano View Post
    I'm curious to know why vbmods.rocks use the 5.2.2?
    greetings by Formiano.
    Because of this critical vBMessenger issue I found

    vBulletin Issue Tracker
    http://tracker.vbulletin.com/browse/VBV-16581
    The bug genie, friendly issue tracking


    This is fixed in 5.2.5 which I'm waiting to be released.
    • Top
    • Translate
    • Bottom

    Leave a comment:

  • formiano
    replied
    I'm curious to know why vbmods.rocks use the 5.2.2?
    greetings by Formiano.
    • Top
    • Translate
    • Bottom

    Leave a comment:

  • Felix2
    replied
    Upgrading is not an option for many due to hosts not wanting to upgrade servers.
    vB5.2.4 is very pushy about using PHP7 which tends to break a great number of servers. e.g. Apache II crashes with PHP7. Being forced to upgrade PHP can mean the end of a host. Who is going to give up their business just for a shoddy forum product?

    FYI, vB5.2.4 has become a nightmare with permissions now so loose that by default they are almost pointless.
    Moderators have no more access than do registered users and unregistered and banned users can access the site with the same ease as registered users.
    I have tested the hack on a vB5.2.4 forum and it worked.
    The fact that vB introduces another 150 new bugs with every release is very frustrating. Moreso that they have bugs well known and detailed, many with fixes that have been around for years which they refuse to address, is just bad business. You know some of what I mean Glen and you have seen the official reports and fixes.

    Why this is not working for Gimsy I also do not know.
    Perhaps Gimsy can post a copy of his route.php file, or just the line, for review and comparison. May just be a typo.
    • Top
    • Translate
    • Bottom

    Leave a comment:

  • glennrocksvb
    commented on 's reply
    If upgrading is not an option at this time, then you have to stick with 5.2.3 for now and figure out why this fix does not work for you. If you need private help, you could hire my services. PM me if you are interested.
    • Top
    • Translate
    • Bottom
  • gimsy
    replied
    Originally posted by glennrocksvb View Post
    Starting vB 5.2.4, the minimum required PHP version is 5.5. You have to ask your host to upgrade PHP to at least 5.5.
    It happens if I change this? "Install versions.php", unfortunately my host asks me to migrate to the new servers to have the php 5.5 and still have seven months paid with the server where I am right now
    • Top
    • Translate
    • Bottom

    Leave a comment:

  • glennrocksvb
    replied
    Starting vB 5.2.4, the minimum required PHP version is 5.5. You have to ask your host to upgrade PHP to at least 5.5.
    • Top
    • Translate
    • Bottom

    Leave a comment:

  • gimsy
    replied
    Originally posted by glennrocksvb View Post
    There must br something else going on as some had confirmed the fix works.

    But why don't you just upgrade to 5.2.4? This issue appears to be fixed in the latest version along with hundred other fixes.
    We have not installed the 5.2.4 because unfortunately our hosting has the php 5.4.19 and feedback installation problems.. you can overcome this problem?
    • Top
    • Translate
    • Bottom

    Leave a comment:

  • glennrocksvb
    replied
    There must br something else going on as some had confirmed the fix works.

    But why don't you just upgrade to 5.2.4? This issue appears to be fixed in the latest version along with hundred other fixes.
    • Top
    • Translate
    • Bottom

    Leave a comment:

  • gimsy
    replied
    Originally posted by glennrocksvb View Post
    If you are running a private vB5 forum that requires registered users to access and view the forums, you are experiencing this bug where the reset-password page is not accessible when user is not logged in. So it's not possible for your users to reset their password.

    Enabling "Can View Channels" permission fixes the issue, however it's not a desirable workaround as it allows guests to partially view the site.

    This issue occurs in vB 5.2.1 to 5.2.3 which was recently released. Based on the bug report, it seems that vBulletin will fix it in the next version 5.2.4 which would probably be released in 3 months or so. I based this on the time it took to release 5.2.3 from the time 5.2.2 was released. But you'll never know when.

    If you cannot wait for the official fix, then this hack is for you.

    Open and edit this file in a text editor.

    Code:
    /core/vb/api/route.php

    Find and replace this line:

    PHP Code:
    protected $whitelistPrefix = array('help''contact-us''lostpw''register''activateuser''activateemail''admincp'); 

    with:

    PHP Code:
    protected $whitelistPrefix = array('help''contact-us''lostpw''register''activateuser''activateemail''admincp''reset-password'); 

    Notice that you simply have to add the URL prefix for Reset Password page to the array. I don't know why it is taking time for vBulletin to fix this issue.

    Note: Since this is a core hack, you have to re-apply this change whenever you upgrade. But this wouldn't matter anymore if they would fix this in vB 5.2.4.
    I did as described in this post, but I have not solved the problem with vb 5.2.3. when a user tries to do the password reset email arrives but once you have clicked on the url to make the password reset appears a blank page! help
    • Top
    • Translate
    • Bottom

    Leave a comment:

  • Felix2
    replied
    FYI, I did a similar fix like this some time back and you are mistaken. This is a flaw which goes back as far as vB5.1.2, and perhaps earlier. This is one of many known flaws which have existed for a long time which vB knows about and simply refuse to fix. Much like the RSS.php being unable to detect and error trap an ATOM feed mislabeled as RSS.
    Anyhow, your approach is a little cleaner than mine, so kudos and thanks.
    • Top
    • Translate
    • Bottom

    Leave a comment:

  • glennrocksvb
    commented on 's reply
    Glad it works now. Sometimes it takes few minutes before the usergroup change propagates.
    • Top
    • Translate
    • Bottom
  • WRXClub
    replied
    This fix works perfectly, thanks!
    • Top
    • Translate
    • Bottom
    • Likes 1

    Leave a comment:

  • WRXClub
    replied
    Originally posted by WRXClub View Post
    Very keen to get this mod having just upgraded our club forum from VB4 to VB5 yesterday and now getting users emailing me because they can't reset their passwords! However I have signed up and activated my account, I can post but can't see the code in the solution above. Does something else need to happen so I can see it?

    Thanks!
    Ignore that, it has just lit up for me.
    • Top
    • Translate
    • Bottom

    Leave a comment:

Previous 1 2 3 template Next

Users Viewing This Page

Collapse

There is 1 user viewing this forum topic.

  • Guest Guest

Latest Posts

Collapse
View All
Working...
X
Searching...Please wait.
An unexpected error was returned: 'Your submission could not be processed because you have logged in since the previous page was loaded.

Please push the back button and reload the previous window.'
An unexpected error was returned: 'Your submission could not be processed because the token has expired.

Please push the back button and reload the previous window.'
An internal error has occurred and the module cannot be displayed.
There are no results that meet this criteria.
Search Result for "|||"