Magento – Password Reset email issue

magento-1.9password-recovery

I have been sent an email from a customer this morning. The password reset email has a link which doesn't work. The hyperlink to the page is not there. Where do I find this in Magento 1.9 to rectify the issue?

Best Answer

Check your email templates. By default, email templates are under System > Transactional Emails. Normally the password reset email shouldn't be there, but check if a module put one there.

Then check app/locale/en_US/template/email/account_password_reset_confirmation.html. That file should look like this:

{{template config_path="design/email/header"}}
{{inlinecss file="email-inline.css"}}

<table cellpadding="0" cellspacing="0" border="0">
<tr>
    <td class="action-content">
        <h1>{{htmlescape var=$customer.name}},</h1>
        <p>There was recently a request to change the password for your account.</p>
        <p>If you requested this password change, please reset your password here:</p>
        <table cellspacing="0" cellpadding="0" class="action-button" >
            <tr>
                <td>
                    <a href="{{store url="customer/account/resetpassword/" _query_id=$customer.id _query_token=$customer.rp_token}}"><span>Reset Password</span></a>
                </td>
            </tr>
        </table>
        <p>If you did not make this request, you can ignore this message and your password will remain the same.</p>
    </td>
</tr>
</table>
{{template config_path="design/email/footer"}}

Also check app/design/frontend/{your_package}/{your_theme}/locale/en_US/ and see if there is a template/email folder overriding email templates.

Related Solutions

Customer Password Recovery – Reset Issue in Magento CE 1.7.0.2

it happened again. I got the solution less than 1 hour after posting the question.
But before posting it I want to say that this looks like a Magento bug to me.
Customers should be able to change their password even if the customer settings have been changed.
The obvious thing to do is to remove the line (and other ones related to it)

$validationErrorMessages = $customer->validate();

from the Mage_Customer_AccountController::resetPasswordPostAction.
I don't think a full validation is required here since we are changing only the password.
All the other fields can be changed once the customer gets access to his account. (FOR WHICH HE NEEDS A PASSWORD)

But I didn't remove that, in case there is an other reason that I'm missing.
Here is what I did just for this particular case.

Since I only need to skip this validation on the recover password page, I observed the event controller_action_predispatch_customer_account_resetpasswordpost and just registered a value.

<events>
    <controller_action_predispatch_customer_account_resetpasswordpost>
        <observers>
            <[namespace]_[module]>
                <class>[namespace]_[module]/observer</class>
                <method>skipDobValidation</method>
            </[namespace]_[module]>
        </observers>
    </controller_action_predispatch_customer_account_resetpasswordpost>
</events>

and the observer method looks like this:

public function skipDobValidation($observer) {
    Mage::register('skip_dob_validation', true);
    return $this;
}

And I've overwritten the validate method in the customer model. I didn't find an event for it.

Basically it looks the same as in Mage_Customer_Model_Customer except for this part.

if ($attribute->getIsRequired() && '' == trim($this->getDob())) {
    $errors[] = Mage::helper('customer')->__('The Date of Birth is required.');
}

In my class it looks like this:

$skipDobValidation = Mage::registry('skip_dob_validation');
if (!$skipDobValidation) {
    if ($attribute->getIsRequired() && '' == trim($this->getDob())) {
        $errors[] = Mage::helper('customer')->__('The Date of Birth is required.');
    }
}

Magento – password request has expired

This could have several causes, and its possible a module its interfering. Have you added any recently? Try disabling all of them but the Magento defaults and see if the problem goes away.

It could also be related to patch 6788 if you applied it recently.

Best Answer

Related Solutions

Customer Password Recovery – Reset Issue in Magento CE 1.7.0.2

Magento – password request has expired

Related Topic