Reset joomla password with username, not email

[Eve]

Hello!

I have read the forums and the questions all over the net, and I know what most people say about what i am trying to do.  I know what is coming when I write this, but please hear me out!  ;-P  Hahaha

I am in need of having duplicate emails in my Joomla User Manager.  Please don't tell me that I just need to have the users change their email addresses so that they are unique, because there are far too many people already set up in a previously configured MySQL database, that has grown to over 500 members over the last 8 years.  There is no way I can get my client to get her member's to change their emails.  I have already talked to her about and she is digging her heels in.  And don't tell me I need to drop her, 'cuz she's my mom.  :-)

I understand that the emails currently must be unique because of the password reset feature.  Also, the unique emails are for username recovery.  This is great, except if two users do have the same email, they cannot reset or recover.  Big mess with what I am trying to do!  Ah!

That being said, in the members database, each member has an unique member id, which will also serve as their username, once plugged into Joomla.  Don't the usernames in Joomla have to be unique too?  My mom and I are not concerned with people recovering their usernames, because they have membership cards with their member ids, which if they lose their cards, they have bigger problems than not getting into the member's area.  If they forget their id, they call into the office, but they are used to being able to reset their password, so this feature should stay, if possible.

This is what I was thinking - Instead of using the email as the "enter your {blank} to recover your password," we use the id, and whatever email address is associated with that id, unique or duplicate, gets an email with the password recovery link.  To me that ends up completing the same task - resetting the password via email - and also gives a way for people to have duplicate email addresses - using the username instead of the email address.

It truly will not work to make everyone have unique emails addresses, as it has just been going on like this for too long to create a fuss about it.  There are things for which I really need the entire membership as Joomla users, such as Kunena Forum, so not using Joomla is not an option either.

Thank you so much!  I hope there is a way to do this!  If it is not set up yet, maybe we can figure out the code that would make it work!  Thank you again!  Have a nice night!

Jennifer

[Matt Thomas]

Hi Jennifer,

Is there any reason why you can't import fields from the "previously configured MySQL database" to populate the Joomla user table so that you can maintain standard Joomla functionality? Would that solve the issue?

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Composed and delivered courtesy of Nexus 7.

--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general?hl=en-GB.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

[Matt Thomas]

Hi Jennifer,

My apologies, I think I initially misunderstood your email.

Other than different ID numbers, is there a substantial amount of unique information between two or more records that have the same email address?

I ask as I am concerned that you might find requiring unique email addresses to be enforced in other third party extensions, which might come back to haunt you in the future.

In other words, restructuring 500 records of data may end up being less work than the long term issues you might have.

For example, could you implement a membership cross-reference table to associate the Joomla user ID with the multiple membership IDs that belong to one user?

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Composed and delivered courtesy of Nexus 7.

[Herman Peeren]

Interesting problem. I had the same with members of an association, with duplicate email addresses. I solved it there by scanning the db for the duplicates and creating new email addresses for all duplicates with a redirect to the original address. Of course with a mail explaining why it is done and that the new email address is only needed for recorvering the username and password. Most of it is done automatically, but the redirects now still have to be manually edited.

Another thing I heared, but didn´t test yet is, that you can add #something behind an email address. The email is deliverd on the address itself, the #sometext that is added doesn´t change that. But for Joomla the email adresses are different! That would be even simpler, for we wouln´t have to edit any email redirects.

I´ll have a look at your idea to use the unique usernames. With that association we used the user´s name combined with his membership number, so the usernames are unique. But other extensions, like Acymailing, also assume the email addresses to be different, so it might be more work to have this working in all extensions than to get the email adresses in the system unique.

- Herman

[Eve]

Hi Between Brain,

I have tested going into Joomla and manually changing email addresses to be duplicates, and it doesn't allow me to change passwords from the user end.  I also have a test site where I converted PHPbb to Kunena, and there are many users with duplicate emails.  The database allows it, but it doesn't pass Joomla's validation when reseting passwords.

Thanks!

Jennifer

To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

[Eve]

No problem!

Other than the id, often the only difference is the person's first and last name.  There is one member who's personal membership uses the same address as his wife and his company.  The names are different, their member id's are different, but all three use the same email, phone number and physical address.  There is a zoo that has about 5 staff who use the zoo's email address for their accounts.  Again, different names, different id's, but same contact information.

The time I would put in with the 500 records isn't the problem.  I will end up spending hours on their records anyway, because they will be placed in 6 different user access levels, and I need to modify their name fields.  It is more the hardship it would end up causing the members themselves.  Considering that some members let their memberships laps for a few months before renewing, I don't some of the necessary email changes will get done efficiently.

I certainly don't want to paint my client in a corner where she couldn't use other extensions in the future.  They have simple needs, other then this member's area, so I don't think they will be looking for more extensions, but as I said, I don't want to m\paint them into a corner, either.

Can you explain a little more about the cross reference table?  I was looking at using their member ids as their usernames, as they are used to typing in their id numbers to enter their current member's area.

Thank you!

Jennifer

To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

[Eve]

@Herman

So you went in and created forwarders in your cpanel, and entered those into the user database?  That sounds like it could work!  The only problem is that the MX Records for their cpanel are pointing to Google Apps, not the forwarders in the cpanel.  Hmmmm...

"Another thing I heared, but didn´t test yet is, that you can add #something behind an email address. The email is deliverd on the address itself, the #sometext that is added doesn´t change that. But for Joomla the email adresses are different! That would be even simpler, for we wouln´t have to edit any email redirects. "

Could you explain this a little more?  Perhaps I am just hungry, but I am not sure I follow.  :-)

So this comes down to trying to trick Joomla, as opposed to getting Joomla to play nice, right?  I appreciate your help and BetweenBrain's help!

Thank you!

Jennifer

[Herman Peeren]

On Monday, 15 April 2013 19:49:39 UTC+2, Eve wrote:

So you went in and created forwarders in your cpanel, and entered those into the user database?  That sounds like it could work!  The only problem is that the MX Records for their cpanel are pointing to Google Apps, not the forwarders in the cpanel.  Hmmmm...

Not sure if I understand you 100%, but in this case I could just add a email-address to the domain, say johns...@theassociationdomain.nl and have all email sent to it being redirected to whatever )duplicate' email address I wanted. BTW, that particular server was on windows, using Helm instead of C-Panel, but I don´t think that will make much diffference.

On Monday, 15 April 2013 19:49:39 UTC+2, Eve wrote:

"Another thing I heared, but didn´t test yet is, that you can add #something behind an email address. The email is deliverd on the address itself, the #sometext that is added doesn´t change that. But for Joomla the email adresses are different! That would be even simpler, for we wouln´t have to edit any email redirects. "

Could you explain this a little more?  Perhaps I am just hungry, but I am not sure I follow.  :-)

Sorry I remembered it wrong. What I tried to say was adding a + to the users-name in the email-address. Look at the 3rd posting, by Gary Mort of this thread: https://groups.google.com/forum/?fromgroups=#!topic/joomla-dev-general/pqble_WDYQg

On Monday, 15 April 2013 19:49:39 UTC+2, Eve wrote:

So this comes down to trying to trick Joomla, as opposed to getting Joomla to play nice, right?

"If it cannot be done as it should be, it should be done as it can be".  - saying from Friesland, in The Netherlands

[Jennifer de Spain]

Hi Herman,

I see what you mean about the redirected address.  That may work.  I am still worried about the MX Records, though.  Also, in the profile, where the Joomla user can view their information, wouldn't the dummy email address show to them?  This may freak out the member.  Am I understanding correctly?

Jennifer

--
You received this message because you are subscribed to a topic in the Google Groups "Joomla! General Development" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/joomla-dev-general/oZxci7cvdo0/unsubscribe?hl=en-GB.
To unsubscribe from this group and all of its topics, send an email to joomla-dev-gene...@googlegroups.com.

[Herman Peeren]

Hmmm, here is something more about using that plus-sign in the name of an email:
http://gmailblog.blogspot.nl/2008/03/2-hidden-ways-to-get-more-from-your.html

It might very well only work for gmail addresses, as it is not in the official email specification RFC822 http://tools.ietf.org/html/rfc822

[Jennifer de Spain]

I see what you mean with adding the +.  Won't this still show the user the modified address, as opposed to the one they think should be there?

On Mon, Apr 15, 2013 at 11:19 AM, Herman Peeren <herman...@gmail.com> wrote:

--

[Herman Peeren]

On Monday, 15 April 2013 20:38:29 UTC+2, Eve wrote:

I see what you mean about the redirected address.  That may work.  I am still worried about the MX Records, though.  Also, in the profile, where the Joomla user can view their information, wouldn't the dummy email address show to them?  This may freak out the member.  Am I understanding correctly?

Yes you understand me correctly. I didn´t check any with MX-records, for I had no trouble with this method. What do you think could be a problem? What are you worried about?

And yes, exactly my concern there was that members saw a different email address in their profile and that is also the email-address they would have to use if they wanted to get their usernames or reset a password. BUT we emailed them to explain it, they were not many and they were not allowed to change their own email-address.

[Jennifer de Spain]

The MX Records in their cpanel currently points to Google Apps because Google hosts their emails.  The email forwarders in their cpanel are not accessible because the MX Records are directing the focus away from the cpanel before the forwarders are even seen.  I created a test email forwarder to see if it could possibly work, and I haven't received my test email yet.  I will keep waiting, and hopefully it will come through.

Thank you!

--

[Jennifer de Spain]

I sent a test email to the forwarder email address I made, and I got a failed message.  The forwarders would need to be set up in Google Apps, which I am not sure how many forwarders are allowed with the plan they have.  Hmmm.....

The plus (+) may be the way to go, but it still worries me that user would have to be restricted from changing their email address.  :-(

Thanks!

Jennifer

[Herman Peeren]

On Monday, 15 April 2013 20:56:25 UTC+2, Eve wrote:

The MX Records in their cpanel currently points to Google Apps because Google hosts their emails.  The email forwarders in their cpanel are not accessible because the MX Records are directing the focus away from the cpanel before the forwarders are even seen.  I created a test email forwarder to see if it could possibly work, and I haven't received my test email yet.  I will keep waiting, and hopefully it will come through.

Ohhh, OK, now I understand what you mean. I wrongly interpreted the "their emails" as the users' emails, but you probably meant the email addresses of that domain. Yes, then this trick won't work.

I have the feeling the + story is also not the way to go. So: back to zero...

But in your original plan, about the unique usernames, if you want to use that everywhere in Joomla, also where users are allowed to change their own email addresses.... that will be hard to do without core hacks (which of course should be avoided at all costs...). We would first have to have a look what things must be overriden to accomplish that. Hmm, I have no time for that today; but it is interesting for me too (as it could help me in that other case too).

[Herman Peeren]

Do you use or plan to use any specific extensions that use the emailadresses and users, like Acymailing, Jomsocial etc. ?

[Jennifer de Spain]

I think you are right.  Hmmm...

I wonder if I can make a user component that is separate from the default Joomla user component, but uses the same features, such as user access level and syncing with Kunena.  I wonder if I can also add an area where they can put in their physical address, etc..

Thank you for your help today!

Jennifer

--

[Jennifer de Spain]

Do you use or plan to use any specific extensions that use the emailadresses and users, like Acymailing, Jomsocial etc. ?

Only Kunena, at the moment.  I am thinking it might be nice to give my mom a feature where she can choose the access level or user group she wants to email and email from Joomla to all the users in the group, eventually.  But that is just an idea, and she may not like the idea anyway.  Emailing in that way from Joomla is optional.

Thank you!

Jennifer

On Mon, Apr 15, 2013 at 12:17 PM, Herman Peeren <herman...@gmail.com> wrote:

Do you use or plan to use any specific extensions that use the emailadresses and users, like Acymailing, Jomsocial etc. ?

--

[Herman Peeren]

On Monday, 15 April 2013 21:20:59 UTC+2, Eve wrote:

Do you use or plan to use any specific extensions that use the emailadresses and users, like Acymailing, Jomsocial etc. ?

Only Kunena, at the moment.  I am thinking it might be nice to give my mom a feature where she can choose the access level or user group she wants to email and email from Joomla to all the users in the group, eventually.  But that is just an idea, and she may not like the idea anyway.  Emailing in that way from Joomla is optional.

Well, in theory everything is possible. But much depends on your programming skills and the available time. I´m a developer, coding all day, so I make some new extension if I need one. For that association for instance, the access levels are set in their MS Access application they allready had for some time; changes in that database are sent to MySql by ODBC, so directly into the Joomla database. You see: totally different from what you would normally do in Joomla. But I wouldn´t recommend redoing too much of the default Joomla way, for it might take a long time to get it right.

Another thing that came to my mind is to use custom fileds for the users, use that for the email addresses and give all users a new system-email-address that is redirected using the redirect-trick from above. But that redirect is done on a special domainname you dedicate just for this. An extra domainname doesn´t cost much and will give you all possibilities to redirect. Well, I´ll stop now, but I hope my "thinking out of the box" tries will help you.

Cheers,
Herman

[Jennifer de Spain]

Great!  Thank you!  That helps a lot!

Jennifer

--

[Sergio Manzi]

Jennifer,

In GoogleApps you can set up how many "nicknames" you want for each mailbox.

Say you have m...@example.com as your main address, you can add other addresses (m...@example.com, m...@example.com, etc...) and all will deliver at the main mailbox.

Hope this may help...

Sergio

[Jennifer de Spain]

Hi Sergio,

Thank you very much for this information.  What I need to do is set up forwarders that lead to email addresses of member's who host their emails away from google.  So, take my email address for example.  Let's say I have two member's with webne...@gmail.com as their email addresses.  One of the proposed ideas was to put a forwarding address in one of the user accounts of Joomla - say jenn...@blahblah.com - so that Joomla wouldn't freak out over duplicate email addresses.  At that point, the cpanel or Google Apps would redirect any emails that come into jenn...@blahblah.com to webne...@gmail.com.  This would keep Joomla from freaking out, and would get the emails to the appropriate email address and member.  None of the members are using the Google Apps account that I my client uses, so i couldn't have nicknames forward to the main account.

Thank you so much for posting and giving me information!  Unfortunately, that method won't work for my application!

Have a nice night!

Jennifer

[Sergio Manzi]

Hi Jennifer,

sorry for misunderstanding your needs.

Well, you can do that with GoggleApps too! :-)
The way you can do it is to set up "groups" with "nicknames":

you set up it this way:

GROUP:                      RECIPIENT:
gro...@clientdomain.com -> hisad...@hisdomain.com
gro...@clientdomain.com -> hisad...@hisdomain.com
gro...@clientdomain.com -> hisad...@hisdomain.com
gro...@clientdomain.com -> hisad...@hisdomain.com
gro...@clientdomain.com -> hisad...@hisdomain.com

gro...@clientdomain.com -> hersa...@anotherdomain.com
gro...@clientdomain.com -> hersa...@anotherdomain.com
gro...@clientdomain.com -> hersa...@anotherdomain.com
gro...@clientdomain.com -> hersa...@anotherdomain.com
gro...@clientdomain.com -> hersa...@anotherdomain.com

In this case you set up only two groups (groupA1 and groupB1) each of them having a single recipient address (hisad...@hisdomain.com and hersa...@anotherdomain.com). Then for each group you set up how many nicknames (groupA2, groupA3, ...  groupB2, groupB3, ...) as you want.

The limit of this solution can be how many groups you need and how many GoogleApps let you create: this is an infinite number if you have GA for business, but a lower limit if you have GA Free. The exact limit for GA Free depends (I think) on *when* you created your GA account. I was one of the early adopters and my domain seems to have no limit. I don't think nicknames count against the limit.

If you go this route remember to set up your groups as "Team" groups and to check the "Also allow anyone on the Internet to post messages" option.

==========================

Another solution can be to set up MX records for a subdomain of your client main domain.
Your client has probably now MX records like this (86400 is the TTL, and may differ):

@ IN 86400 MX 10 aspmx.l.google.com.
@ IN 86400 MX 20 alt1.aspmx.l.google.com.
@ IN 86400 MX 20 alt2.aspmx.l.google.com.
@ IN 86400 MX 30 aspmx2.googlemail.com.
@ IN 86400 MX 30 aspmx3.googlemail.com.
@ IN 86400 MX 30 aspmx4.googlemail.com.
@ IN 86400 MX 30 aspmx5.googlemail.com.

if your Joomla! host is joomla.clientdomain.com (and so you have an A record for joomla.clientdomain.com.) you can add this record in the clientdomain.com DNS zone:

joomla IN 86400 MX 5 joomla.clientdomain.com.

this way mail sent to us...@joomla.clientdomain.com will be handled locally.

you then configure in cPanel a forwarder for user1 to whatever address you want.

remember to add joomla.clientdomain.com. to the SPF record of your client domain:
change from:
    "v=spf1 include:aspmx.googlemail.com -all"
to:
    "v=spf1 ip4:nnn.nnn.nnn.nnn include:aspmx.googlemail.com -all"  (where nnn.nnn.nnn.nnn is the IP address for joomla.clientdomain.com)


Cheers!

Sergio

[Matt Thomas]

Hi Jennifer,

Sorry for the delay, I was on the road yesterday.

From what I gather, it seems that you have a custom membership system that uses these membership IDs and names, is that correct? Would the people who share the same email also share the same username and password? I think knowing more about the membership system, which I assume is custom, might help us help you :-)

My thought is that your membership system can have a cross-reference table like the below, and then you can query this table and the Joomla users table, for the membership system, with a JOIN statement. 

userID      memID       firstName       lastName

20          45              Bob             Jones

20          44              Sally           Thompson

21          39              Sam             Bodee

22          37              Kim             Jackson

23          42              Richard         Jones

23          44              Jack            Russel

In the above example, userID is the id from the #__users table and the rest is for your membership system.

Best,

Matt Thomas

Founder betweenbrain™

Lead Developer Construct Template Development Framework

Phone: 203.632.9322
Twitter: @betweenbrain

Github: https://github.com/betweenbrain

To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.

[Jennifer de Spain]

HI Matt,

Thank you!  The Member ID's would be unique, and with the exception of two people named Mike Jones, all the names of the membership are unique to my knowledge.  Here is an example of what I am taking about:

Member ID     First Name        Last Name   Email

123               Joe                   Maylarn        joes-f...@example.com

124               Sandi                Maylarn        joes-f...@example.com

125               Joe's Facility                         joes-f...@example.com

Facilities/zoos would also be "members," so some users would not have last names.

Thank you for your help!

Jennifer

--
You received this message because you are subscribed to a topic in the Google Groups "Joomla! General Development" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/joomla-dev-general/oZxci7cvdo0/unsubscribe?hl=en-GB.
To unsubscribe from this group and all of its topics, send an email to joomla-dev-gene...@googlegroups.com.

[Eve]

Does anyone have any more ideas?  I am a little stuck on this...

Thanks!

Jennifer

[Jennifer de Spain]

Does anyone have any more ideas?  I am really getting stuck with this and if I can't figure it out, I can't make the member's area.  My client refuses to even ask for future members to have unique email addresses, so this problem is not going to go away.  I tried explaining to her that not at least asking for a unique address will hinder the future development of the site, because technology is more focused on the fact that many people have their own personal addresses.  Unfortunately, most of the membership are over the age of 30, so they come from a time when the whole household only had one email address.  If I can't fix this, the hours I have already spent on the site will be for nothing and they will still have the dumpy member's area that they have now.  :-(

Perhaps, I can make it where the user may not view or change their password or email address in Joomla and Kunena?  I could use the "+" method Herman was talking about, and they can't see or change it.  This takes away some functionality, but at least the users would have unique addresses, in theory.

I want to make the duplicate addresses work in some way, and not hinder the future development of the site.  Is this possible?

Thank you!

Jennifer

--

[Justin Kelly]

Hi Jennifer,

Do you have direct access to the database through phpmyadmin? Joomla stores passwords as MD5 hashes. If you can get into the #__users table, you can update the password and set the encoding to md5. That worked for me in Joomla 1.5.

(You should save the existing password first, just in case).

Justin.

--

You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.

To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.

[Jennifer de Spain]

Hi Justin!

Thank you for writing back so quickly!  Yes, I have direct access to the database.  Their cpanel is on my reseller hosting account.  Thank you for the information.  That is helpful to know that I can change the password from phpmyadmin and that it can still be encoded.

My main issue is that I want people to have the normal Joomla user functionality, while having duplicate email addresses in the system.  This isn't working super well so far.  It seems that I either need to change how Joomla treats the users with duplicate emails, or trick Joomla into thinking that the email addresses are unique, when they actually are not.  Not sure where to go from here.

Thanks!

Jennifer

[Justin Kelly]

Hi Jennifer,

As far as I know, Joomla only checks for duplicate emails when users are set up. You can change emails through phpmyadmin and see what happens. If the email field is not marked as unique, you should be ok. Again, back up the system before you do this.

Disclaimer: I don't know this for certain. You should test this in a "black box" system before doing it on your client machine.

Justin.

[Jennifer de Spain]

On a site I set up to test the member's area, I tried changing the email address in phpmyadmin and it worked until I tried doing simple tasks as that user in the front end of the site.  I tried to reset my password, as if I had forgotten it, and I was told that that email address was already in use and to change it.  I also had problems when updating the password in the profile area, where it told me again that the email address was being used by another user and to change it to a unique address.  :-(  I wish I could get it to stop validating that, and/or just ask for the username instead of the email address when resetting the password.

Thanks!

Jennifer

[Justin Kelly]

OK. Forget the email then. It does have to be unique after all. Did my tip about MD5 passwords work?

[Jennifer de Spain]

:-)  I can see the reasoning behind the unique email addresses, but it is turning into a pain in the butt here.

I am checking the MD5 password thingy now.

[Donald Gilbert]

You would have to set up some core overrides so that you can identify a user by username instead of by email. Just changing the underlying data without changing the logic won't work. 

—
Sent from Mailbox for iPhone

[Jennifer de Spain]

@Donald - How would I go about making core overrides, in this case?  I know how to make overrides for components, but I have never done core overrides.  I don't want to damage anything, either.

Thank you!

Jennifer

[Donald Gilbert]

I'm away from my computer right now, I'll have to take a look and see what i can come up with when I get back home. 

—
Sent from Mailbox for iPhone

[Jennifer de Spain]

No problem.  Thank you!  I appreciate everybody's time!  I know you don't have to help me, and I do appreciate it.

[Justin Kelly]

Hi Jennifer,

If the emails have to be unique that's probably a security feature and shouldn't be changed. The system searches for a working sendmail when it installs so it can send a reset password email to the user. If multiple users have the same email, then it's a possible security breach. If at all possible, try to give each user a different email.

(Sorry, it's late and I don't have a joomla instance open to play with.)

Justin.

[Jennifer de Spain]

No worries.  It is not possible for the emails to be unique, because there are many members who share email addresses and the membership chair (my mom) will not ask them to change it.  My idea is to validate using the username, instead of the email address.  I just haven't figured out where to go from there.

Thanks!

Jennifer

[Jennifer de Spain]

One thing Herman brought up was to use the "+" method and trick Joomla into thinking that it is unique, when it is actually the same email address.  One problem I see with even that is whether or not the user would have to type in the "+" stuff when resetting the password.  You can see the discussion of the "+" farther up in the thread.

**One thing that I didn't mention is that it would not be a free registration set up.  An admin must create a new user each time a new member joins.  Member's do not register themselves, because to become a member they must meet many requirements outside of the Joomla registration form, and in many cases, must be voted on by the BOD of the organization.

[Donald Gilbert]

OK, I did a bit of research, and what I'm about to recommend is not for the faint of heart. lol :) If it works, we can always go back and make it better, but I just want to see if it meets your needs before going deeper with it.

After re-reading your original post, it seems that the main issue you need to solve is for users to be able to reset their password using nothing more than their username, which currently in Joomla you need to use the email address instead. If I understand that correctly, then the solution below *should* work, but I'd like you to test it out to see and then I can try to make it better if it does. (Please note, I'm assuming you're using J!2.5 with these instructions)

Open JPATH_SITE/components/com_users/models/forms/reset_request.xml and remove the filter="email" validation rule and save it. Then, open JPATH_SITE/components/com_users/models/reset.php and go to line 312. On that line, it says $db->quoteName('email'). Change that to $db->quoteName('username') and don't change anything else. (We're still submitting from the frontend form with "email" as the field name.)

Once those two things are accomplished, try to reset the password of a user on the site where you are able to receive/verify the reset confirmation emails, and see if it all works out for you. If so, I'll try to clean this up a bit and make it update proof, so you won't need to worry about making these changes each time you update Joomla! core. But like I said, I want to see if it works first before going further with it. I haven't looked yet to see at what point in the application execution the com_users classes are loaded in and if there is a plugin hook prior to that where we could possibly override and insert our fixed version of the required files.

[Jennifer de Spain]

Thank you so much!  I will test it out right now!

Jennifer

--

[Jennifer de Spain]

On a test site, of course!  Haha!

[Matt Thomas]

Don,

Do you think this has the potential of becoming a core configuration option in a future release?

Best,

Matt Thomas Founder betweenbrain™ Lead Developer Construct Template Development Framework Phone: 203.632.9322 Twitter: @betweenbrain Github: https://github.com/betweenbrain

--

You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.

To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.

[Jennifer de Spain]

That would be so cool to have that be an option in Joomla in the future!  Thank you everyone for your help!  Stay tuned while I find the files I need to change!

--
You received this message because you are subscribed to a topic in the Google Groups "Joomla! General Development" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/joomla-dev-general/oZxci7cvdo0/unsubscribe?hl=en-GB.
To unsubscribe from this group and all of its topics, send an email to joomla-dev-gene...@googlegroups.com.

[Jennifer de Spain]

@Donald - I have a quick question.  Here is the code I am changing now:

$query->where($db->quoteName('email').' = '.$db->Quote($data['email']));

I am changing it to this:

$query->where($db->quoteName('username').' = '.$db->Quote($data['email']));

But won't I also have to change the $db->Quote($data['email']) to $db->Quote($data['username']) so that it validates correctly?  Just seems like the query won't match and nothing will happen, but I wanted to run that passed you.

Thanks!

Jennifer

On Sat, May 4, 2013 at 10:00 PM, Donald Gilbert <dilber...@gmail.com> wrote:

--

[Jennifer de Spain]

Ok, I noted a couple things as I was testing this:

I did need to change the $db->Quote($data['email']) to $db->Quote($data['username']) because I kept getting a nasty red failed error.  After I changed that, I was getting a slightly less nasty yellow-orange error, a screenshot of which, I have attached.  Instead of it being mad about the validation of email address being unique, it seems to be validating that the text I put in the field was actually an email address.

Also, after making two of my test users have the same email address, I tried logging into Kunena Forum to test Kunena Forum's validation.  I realized I had the wrong password for that user, so I went into the back end to change it in the User Manager, and it would not let me because that email address was already in use.

This seems like a great lead!  Any ideas on where to go from here??

Jennifer

[Jennifer de Spain]

Or maybe it is still trying to validate the email address and it just can't find it in the database??

[Donald Gilbert]

The yellow error message means Joomla is still trying to validate the submitted value as an email address. You have to remove the filter="email" from the form XML. And you also have to change $db->quote($data['username']) back to email, as I very explicitly stated in the instructions above that you shouldn't change anything else. The $data array that you are accessing does not contain a 'username' key unless you changed something else in the form XML, which I did not instruct you to do. 

Please go back and double check that you only made the changes I specified, and then test again and if it errors, attach the exact error message so I can debug from there. 

If we're not able to work something out, I'll set up a test instance of 2.5 somewhere and try to work it out. By the way, are you running 2.5?

—
Sent from Mailbox for iPhone

You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.

To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.

[Donald Gilbert]

I think it could. It should be relatively simple to but these modifications behind a configuration parameter to toggle the behavior, assuming we are able to work out the kinks. 

—
Sent from Mailbox for iPhone

[Donald Gilbert]

I set up a 2.5 test environment (I'm still assuming you're using 2.5) and made these changes as I described, and it worked. There were a couple aesthetic tweaks to make (the reset field still said "email") but it did allow me to reset the password of the user using only the username. So that's good.

I've put a gist together here ( https://gist.github.com/dongilbert/a6c05d12fae51db36c76 ) with the required changes (for 2.5) that can be used as drop in replacements for now. I'll look into making a plugin that can handle this.

[Eve]

Yes, I am using 2.5.

Here is my reset_request.xml:

<?xml version="1.0" encoding="utf-8"?>
<form>
    <fieldset name="default" label="COM_USERS_RESET_REQUEST_LABEL">
        <field name="email" type="text"
            class="validate-username"
            description="COM_USERS_FIELD_PASSWORD_RESET_DESC"
                    label="COM_USERS_FIELD_PASSWORD_RESET_LABEL"
            required="true"
            size="30"
        />

        <field
            name="captcha"
            type="captcha"
            label="COM_USERS_CAPTCHA_LABEL"
            description="COM_USERS_CAPTCHA_DESC"
            validate="captcha"
        />
    </fieldset>
</form>



And here is line 312 of reset.php:

$query->where($db->quoteName('username').' = '.$db->Quote($data['email']));

I had briefly tried changing the $data "email" to "username", but that was only after I had tested it with only the quoteName being changed to username.


I uploaded both and when I test by entering one of the usernames (who, by the way, has a duplicate email address) in the user manager system, this is the error I am getting:

Failed to save user: This email is already registered.

I have also attached a screenshot of this error. 

This is testing with someone with a duplicate email address.  When I tested with a user with a unique email in the system, I worked just as you said it would.  This is a great step!  I am looking for this to be a solution to Joomla not allowing duplicate email addresses, though.  Do you have any ideas on how to trick it from here?

Thank you!

Jennifer

To unsubscribe from this group and all of its topics, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general?hl=en-GB.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.

To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

[Donald Gilbert]

At what point do you see the red error message? Is it a javascript generated error message? Or does it allow you to submit and then give you that error?

To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.

[Eve]

That is great!  Thank you!  I am still having a problem with duplicate email addresses, though.  The username being used instead of the email address was a solution I hoped would help toward tricking Joomla into letting users have duplicate email addresses.

Any ideas on that?  Thanks!

Jennifer

[Eve]

I get that error after I submit the username.

To unsubscribe from this group and all of its topics, send an email to joomla-dev-general+unsubscribe@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.

Visit this group at http://groups.google.com/group/joomla-dev-general?hl=en-GB.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.

To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsubscribe@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.

Visit this group at http://groups.google.com/group/joomla-dev-general?hl=en-GB.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

[Donald Gilbert]

Ok, open JPATH_SITE/libraries/joomla/database/table/user.php and comment out lines 230-242 and test again on users that have the same email address. 

To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.

[Jennifer de Spain]

I did that and it seems to be working.  It sent me the validation code, but now my internet is being stupid and I can't see what it is doing after I submitted the code and username again.  Oh well, I will have to keep babying it until I can see what happens!  I will let you know if it works on my end, when my internet decides to cooperate.  :-)

Thanks!

Jennifer

To unsubscribe from this group and all of its topics, send an email to joomla-dev-gene...@googlegroups.com.

[Jennifer de Spain]

Ok, that works perfectly!  Now, when I go into "Edit Profile" once logged in, and try to change my password from there, I get the "The email address you entered is already in use or invalid. Please enter another email address" error.  Where would I fix that?

Thank you!

Jennifer

[Donald Gilbert]

That's a validation error within the admin user edit form. It can also be worked around, but I'm worried about how deep these changes will become. You see, this can end up being a pretty widespread change that is required, especially since you are using 3rd party components such as Kunena forum. I'll help you get to a stable position so the site operates the way you need it to, but you might end up being stuck there and can't upgrade due to the required changes.

[Jennifer de Spain]

When I got that error, it was in the frontend in the user profile, not in the admin backend.  By "admin user edit form", did you think I was in the backend at the time?  I was in the frontend, logged in as a registered user, with no admin rights.  I see what you mean about the changes and why you are worried.  I would hate to put the site at risk because of not being able to upgrade and fix security issues. :-/  Before I took over dealing with their site, they had been hacked many times because of their developer not upgrading them.

Maybe I can take away the option to change the password in the profile area, for the frontend, and only allow users to change their passwords if they forget them.  Would that solve that?

Thanks!

Jennifer

[Donald Gilbert]

Oh I see what you mean. Open JPATH_SITE/components/com_users/models/forms/profile.xml and remove unique="true" from line 59 and see if that get's you what you need.

[Jennifer de Spain]

That worked perfectly!  Yay!  So how do I make this a somewhat permanent change, so that when I upgrade Joomla versions, I don't have to go into all of these files again?

Thank you!

Jennifer

[Donald Gilbert]

I'll put a plugin together for you. In the mean time, don't upgrade! lol

[Jennifer de Spain]

Haha!  Thank you so much!

Jennifer

[Amy Stephen]

Don - you've been pretty amazing helping in this thread. If you are making a plugin -- would you consider sharing it as an extension on JED? People are asking for this all the time. Thanks for all the help you give developers, it's important and I know you put a lot of time into it.

On Sunday, April 14, 2013 8:58:46 PM UTC-5, Eve wrote:

Hello!

I have read the forums and the questions all over the net, and I know what most people say about what i am trying to do.  I know what is coming when I write this, but please hear me out!  ;-P  Hahaha

I am in need of having duplicate emails in my Joomla User Manager.  Please don't tell me that I just need to have the users change their email addresses so that they are unique, because there are far too many people already set up in a previously configured MySQL database, that has grown to over 500 members over the last 8 years.  There is no way I can get my client to get her member's to change their emails.  I have already talked to her about and she is digging her heels in.  And don't tell me I need to drop her, 'cuz she's my mom.  :-)

I understand that the emails currently must be unique because of the password reset feature.  Also, the unique emails are for username recovery.  This is great, except if two users do have the same email, they cannot reset or recover.  Big mess with what I am trying to do!  Ah!

That being said, in the members database, each member has an unique member id, which will also serve as their username, once plugged into Joomla.  Don't the usernames in Joomla have to be unique too?  My mom and I are not concerned with people recovering their usernames, because they have membership cards with their member ids, which if they lose their cards, they have bigger problems than not getting into the member's area.  If they forget their id, they call into the office, but they are used to being able to reset their password, so this feature should stay, if possible.

This is what I was thinking - Instead of using the email as the "enter your {blank} to recover your password," we use the id, and whatever email address is associated with that id, unique or duplicate, gets an email with the password recovery link.  To me that ends up completing the same task - resetting the password via email - and also gives a way for people to have duplicate email addresses - using the username instead of the email address.

It truly will not work to make everyone have unique emails addresses, as it has just been going on like this for too long to create a fuss about it.  There are things for which I really need the entire membership as Joomla users, such as Kunena Forum, so not using Joomla is not an option either.

Thank you so much!  I hope there is a way to do this!  If it is not set up yet, maybe we can figure out the code that would make it work!  Thank you again!  Have a nice night!

Jennifer

[Jennifer de Spain]

Hey Everyone!  No, we did not fall off the face of the Earth.  This is still being developed, as there was a bug in the plugin.  What is happening now, is with the plugin, the user that is resetting the password becomes deactivated.  Donald is working to fix this.

Do any of you know, by any chance, if JomSocial can work if some of the users have duplicate email addresses?  I am not sure if anyone would have a reason to know that, since Joomla only allows unique email addresses, by default and JomSocial is used only for Joomla.  Anyway, does JomSocial have any requirements of its own, as far as duplicate email addresses?

Thank you!

Jennifer

--