Closed (fixed)
Project:
Force Password Change
Version:
7.x-1.0-rc2
Component:
Code
Priority:
Critical
Category:
Bug report
Assigned:
Reporter:
Created:
23 May 2011 at 14:19 UTC
Updated:
22 Dec 2016 at 02:24 UTC
Jump to comment: Most recent
Comments
Comment #1
divan commentedI have the same problem. please help how to fix it
... I managed to restore the system in file swapping "global $ user;" with "$ user = new StdClass;", so when it enters again as dev system gave me an error, but at least let me get to the modules and uninstal problematic module
Comment #2
MohMag commentedI have same issue. In fact I force changed password for only one role to test, and not it is looping for every user, even for administrator user. I can not even login as administrator.
Comment #3
jvendryes commentedI'm also having this issue. What do we do?
Comment #4
dwalker51 commentedI had to disable the module via drush to get back into my site.
drush dis force_password_changeI then did
drush pm-uninstallThis removed the tables from the database
I downloaded the module again
drush dl force_password_changeIt seems that the problem occurs when you configure the module to force password change on first login, it does this for the admin and accepts the new password, but then requieres a new login again..., I have left this option disabled for the moment
Comment #5
kenmc commentedThe problem stems from $pending_users[$account->uid] never being unset in the second conditional clause of force_password_change_user_update().
Comment #6
SweetTomato commentedAre others still having this issue? I am in an infinite change password loop like in #4 above "It seems that the problem occurs when you configure the module to force password change on first login, it does this for the admin and accepts the new password, but then requires a new login again." This is in Drupal 7.28 I believe.
Comment #7
sfcamil commentedHy,
I have exact the same problem and I don't understand why. The problem is that is random not every user have this situation. That’s the big problem. I try with my account and everything is ok. But another user after his is forced to change the password every re-login it must to change the password again and again. Is the browser? No error messages in logs..... I don't understand….
If someone has an idea, how to get some logs or anything else …..
Thank you.
Comment #8
sfcamil commentedJust see that after the user input the password and click on submit button I just see a flip-flap of the page, just like drupal want to go somewhere but change the direction immediately. Something like that.
I look (debug) on function force_password_change_user_update function and I see the variable $destination is ‘node/1’ but after the user press the button to change pass it stay on the same page. Something goes wrong there but I don’t know what.
Commented the line $_REQUEST['destination'] = $destination; and the user stay in the same edit page but no more flip-flap of the page.
I want to see if something changes…….
Comment #9
Peters196 commentedI had exactly the same problem. The administrator not being able to access his own website because of this infinite loop of password change requests is not fun!!
I know a little php but not enough to follow drupal modules in detail.
I did however find that display of the password request page was conditional on variable $redirect being TRUE (line 98 of force_password_change.module).
My solution: Find all references to '$redirect = TRUE' (lines 79 and 93) and change them to '$redirect = FALSE' and VOILA!! I got access to my website again.
Obviously this means that the whole module does absolutely nothing, but it does allow you to continue using your site until the author (or other drupal php expert) produces a proper solution, or for you to uninstall this module and get something which works!
Comment #10
mastersh4h commentedI enclosed the
statements on lines 79 and 93 in if statements to bypass the endless loop for admin accounts.
Comment #11
DevBeware commentedPour moi j'ai du verifier si l'utilisateur courant était devais bien changer le password ou pas.
Line : 79 and 93
Comment #12
alex.xequals commentedSame problem here... installed this module because it looked like a quick and easy way to force users to change their password upon first login. Now user1, as well as all other users, are stuck in an infinite password reset loop. The whole site is locked up and no one can do anything and I have to go uninstall the module via the database.... fun times. Apparently this module is a better alternative but I'm yet to try it: https://www.drupal.org/project/password_policy
Comment #13
phubear commentedFor those that have problems with this and are using the admin_menu module, I suggest looking at https://www.drupal.org/node/1897362#comment-11627731 for possible fix.
Comment #14
jaypanI believe this was caused by an ajax request issue, where ajax requests were being redirected to the account page for the user to change their password. I fixed this in another issue. If someone sees the problem again, please re-open, with steps to recreate the issue.