Dear all, 

We've been having problems resetting the passwords of users. After debugging I have concluded that the PasswordResetToken is not the same with the ResetToken. The ResetToken which is supplied by email to the user seems to be valid i.e. resetToken=fa407e7d-3cb5-4b1a-9162-e3a639468040

However, the PasswordResetToken seems to be 00000000-0000-0000-0000-000000000000, therefore, it fails to work when requested by the function: UserController.ChangePasswordByToken(PortalSettings.PortalId, username, txtPassword.Text, ResetToken) inside PasswordReset.ascx.cs.

Any ideas how to fix this? This question is related to my previous one. 

This is how I get the information:

                Guid resetTokenGuid = new Guid(ResetToken);

                var user = UserController.GetUserByName(1, username);

                string sPasswordResetToken = Convert.ToString(user.PasswordResetToken);

Thanks, 

Nectarios

Cathal, 

thanks for the reply. All the values in the PasswordResetToken and PasswordResetExpiration of the tabel vw_users are null. 

After I requested a password reset, I received the email. Then I checked the vw_users for the user who requested the reset but the values were still null. The LastModifiedOnDate field however contains the correct datetime of the password reset request. Any ideas how to have this fixed?

Thanks

Cathal, 

when I run the 'ALTER' statement based on the above code to update the UpdateUser sp (which seems to be outdated) I get an error:

Msg 207, Level 16, State 1, Procedure UpdateUser, Line 34

Invalid column name 'HmacAppId'.

Msg 207, Level 16, State 1, Procedure UpdateUser, Line 35

Invalid column name 'HmacAppSecret'.

I created HmacAppId and HmacAppSecret as NVARCHAR(256) in the Users table and then tried to request a password reset. I got the following error and also I couldn't login into the portal:

AbsoluteURL:/Default.aspx

DefaultDataProvider:DotNetNuke.Data.SqlDataProvider, DotNetNuke.SqlDataProvider

ExceptionGUID:76ddf4c1-0491-4a42-b253-ae1cf29a726c

AssemblyVersion:7.4.1

PortalId:1

UserId:-1

TabId:756

RawUrl:/Home/tabid/756/ctl/SendPassword/Default.aspx?returnurl=%252f&popUp=true

Referrer:http://xyz.co.uk/Home/tabid/756/ctl/SendPassword/Default.aspx?returnurl=%252f&popUp=true

UserAgent:Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36

ExceptionHash:sYHJNZEw6ROuwZIAiImdlQ==

Message:Procedure or function 'UpdateUser' expects parameter '@VanityUrl', which was not supplied.

StackTrace:

InnerMessage:Procedure or function 'UpdateUser' expects parameter '@VanityUrl', which was not supplied.

InnerStackTrace:

   at System.Data.SqlClient.SqlConnection. (SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
   at System.Data.SqlClient.SqlInternalConnection. (SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
   at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
   at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
   at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString)
   at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async, Int32 timeout, Task& task, Boolean asyncWrite)
   at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, TaskCompletionSource`1 completion, Int32 timeout, Task& task, Boolean asyncWrite)
   at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(TaskCompletionSource`1 completion, String methodName, Boolean sendToPipe, Int32 timeout, Boolean asyncWrite)
   at System.Data.SqlClient.SqlCommand.ExecuteNonQuery()
   at Microsoft.ApplicationBlocks.Data.SqlHelper.ExecuteNonQuery(SqlConnection connection, CommandType commandType, String commandText, SqlParameter[] commandParameters)
   at Microsoft.ApplicationBlocks.Data.SqlHelper.ExecuteNonQuery(String connectionString, CommandType commandType, String commandText, SqlParameter[] commandParameters)
   at Microsoft.ApplicationBlocks.Data.SqlHelper.ExecuteNonQuery(String connectionString, String spName, Object[] parameterValues)
   at DotNetNuke.Security.Membership.Data.SqlDataProvider.UpdateUser(Int32 userId, Int32 portalID, String firstName, String lastName, Boolean isSuperUser, String email, String displayName, Boolean updatePassword, Boolean isApproved, Boolean refreshRoles, String lastIpAddress, Boolean isDeleted, Int32 lastModifiedByUserID)
   at DotNetNuke.Security.Membership.AspNetMembershipProvider.UpdateUser(UserInfo user)
   at DotNetNuke.Entities.Users.UserController.UpdateUser(Int32 portalId, UserInfo user, Boolean loggedAction, Boolean clearCache)
   at DotNetNuke.Entities.Users.UserController.ResetPasswordToken(UserInfo user, Boolean sendEmail)
   at DotNetNuke.Modules.Admin.Security.SendPassword.OnSendPasswordClick(Object sender, EventArgs e)
   at System.Web.UI.WebControls.LinkButton.OnClick(EventArgs e)
   at System.Web.UI.WebControls.LinkButton.RaisePostBackEvent(String eventArgument)
   at System.Web.UI.WebControls.LinkButton.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument)
   at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
   at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

Source:

FileName:

FileLineNumber:0

FileColumnNumber:0

Method:

Server Name: id19903