Ticket #6019 (closed defect: fixed)

Opened 8 months ago

Last modified 8 months ago

Forgot Password in the Customer Portal login page retrieve wrong password

Reported by: Pierluigi.Bucolo Assigned to: developer
Priority: critical Milestone: 5.1.0
Component: customerportal Version: 5.1.0-val2
Keywords: Cc:

Description

Forgot Password in the Customer Portal login page when there are two contacts having the same email, retrieve only the first password in the vtiger_portalinfo.

The Customer Portal use EmailID/Password like UNIQUEID to authenticate the contact. (see: http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/5908).

The form to retrieve the password ask ONLY for the EmailID that identify two (or more) contacts, so the emailId provide an ambiguous key. If two contacts share the same ID and togheter have access to the portal, in case of password retrieve only the first portal enabled contact can retrieve own password.

Sorry, but I don't understand this design. The Email is personal. Why different contacts can be use the same email ?

For me the EmailID must be UNIQUE and must be a KEY in the vtiger_contactdetails table, so in the vtiger_portalinfo there will be no ambiguity.

Please correct this issue.

Change History

06/12/09 04:03:05 changed by asha

  • status changed from new to closed.
  • resolution set to fixed.

This issue is resolved with the changeset - [12725]

Please feel free to re-open the ticket if this doesn't address the issue.