We want to import our customer database from our old site to our new one which we are going to use cart2cart for but from other reviews on the internet I hear they do not transfer the customer passwords. Is there a way I can send a mass email to every customer asking them to go change their passwords, giving them a link to click on?
Magento – Mass email customers for a password reset
customermagento-1.9password-recovery
Related Solutions
_validateResetPasswordLinkToken
in the Account Controller:
$customerToken = $customer->getRpToken();
if (strcmp($customerToken, $resetPasswordLinkToken) != 0 || $customer->isResetPasswordLinkTokenExpired()) {
throw Mage::exception('Mage_Core', $this->_getHelper('customer')->__('Your password reset link has expired.'));
}
Which in turn calls: isResetPasswordLinkTokenExpired
/**
* Check if current reset password link token is expired
*
* @return boolean
*/
public function isResetPasswordLinkTokenExpired()
{
$resetPasswordLinkToken = $this->getRpToken();
$resetPasswordLinkTokenCreatedAt = $this->getRpTokenCreatedAt();
if (empty($resetPasswordLinkToken) || empty($resetPasswordLinkTokenCreatedAt)) {
return true;
}
$tokenExpirationPeriod = Mage::helper('customer')->getResetPasswordLinkExpirationPeriod();
$currentDate = Varien_Date::now();
$currentTimestamp = Varien_Date::toTimestamp($currentDate);
$tokenTimestamp = Varien_Date::toTimestamp($resetPasswordLinkTokenCreatedAt);
if ($tokenTimestamp > $currentTimestamp) {
return true;
}
$dayDifference = floor(($currentTimestamp - $tokenTimestamp) / (24 * 60 * 60));
if ($dayDifference >= $tokenExpirationPeriod) {
return true;
}
return false;
}
SUGGESTIONS
Double check server time and Magento time zones.
It may be wise to batch the old plaintext passwords and update them to a more standard Magento password to be safest as well.
EDIT
Instead of reinventing the wheel a quick google search turned up a possible candidate to reset the passwords. Source: http://www.christopherhogan.com/2012/02/01/script-to-reset-all-customer-passwords-in-magento/
<?php
/************************
* / '_ __/_ _/_
* ()()/(-( /( ()(/(-
* _/
* since 2007
*
* Created by Foundco
* All rights reserved unless otherwise specified under contract.
* http://www.foundco.com/
* @author Christopher Hogan <mailing address removed>
* @copyright 2012 and beyond.
******************************/
error_reporting(E_ALL | E_STRICT);
$mageFilename = 'app/Mage.php';
if (!file_exists($mageFilename)) {
echo $mageFilename." was not found";
exit;
}
require_once $mageFilename;
Varien_Profiler::enable();
Mage::setIsDeveloperMode(true);
ini_set('display_errors', 1);
umask(0);
Mage::app();
$passwordLength = 10;
/****
If you are just resetting one customer by customer_id:
****/
//$customer_id = 10;
//$customers = Mage::getModel('customer/customer')->getCollection()->addAttributeToFilter('entity_id', array('eq' => $customer_id));
/****
If you are resetting all customers:
****/
$customer_id = 10;
$customers = Mage::getModel('customer/customer')->getCollection();
/****
Now loop through the customers and create the passwords
****/
foreach ($customers as $customer){
// $customer->generatePassword($passwordLength)
// $customer->sendNewAccountEmail();
$password = strtoupper(substr( $customer->getEmail(), 0, 3)).rand(111,999);
$customer->setPassword($password)->save();
$line_data = $customer->getEmail(). "\t". $customer->getPassword();
$line[] = $line_data;
echo $line_data."\n";
}
$content = implode("\n", $line);
// store all the passwords to a file:
file_put_contents('./accounts.csv', $content);
echo "COMPLETE!";
?>
I had the same, but a second error message appeared which said that a required field is not filled out. In general: when anything goes wrong when saving the customer, the said error message "Your password reset link has expired" shows up. So, pay attention to any additional error messages showing up or in your log files.
If you want to find out what's happening in detail, go to the file "app/code/core/Mage/Customer/controllers/AccountController.php" and modify the method resetPasswordPostAction
temporarily. Inside the } catch (Exception $exception) {
directive, add Mage::logException($exception);
. After you have seen the error again, you can find the real error message in the file var/log/exception.log
.
Best Answer
You can send an e-mail saying that the passwords are not valid and a link to the 'I forgot my password' page.