Change the app "retrieve_pswd"

Scriptcase 9 Others
#1

I want to change the Scriptcase security app “retrieve_pswd”, so the user uses their email to retrieve a new password when they have forgotten their password. We are using a member number to create a user, so it’s way too easy to type in the wrong number.
I changed the “login” to “email” in the events and the php methods.
After executing the email, I am getting the success message. After that, I am getting the message
Undefined variable: email
Username does not exist!
Has anyone tried to do something similar and have a solution?

#2

I made it work by following changes:

In events, I changed the OnScriptinit:

if(isset($_GET[‘act_code’]) && !empty($_GET[‘act_code’]))
{
$act_code = trim($_GET[‘act_code’]);
$sql = "SELECT
email
FROM
sec_users
WHERE
activation_code = ". sc_sql_injection($act_code);
sc_lookup(rs, $sql);

if({rs} !== FALSE && isset({rs}[0][0]))
{
$usr_login = {rs[0][0]};

  sc_set_global($usr_login);
  sc_apl_status('app_change_pswd', 'on');
  sc_redir("app_change_pswd", act_code=$act_code; usr_login=$usr_login);

}
else
{
sc_alert( {lang_act_code_error} );
}
//sc_exit(ok);
}

if(isset([usr_login]) && !empty([usr_login]))
{
send_new_pswd();
//sc_redir(‘login’);
}

Under Programming and PHP Methods I changed following methods:

search_email

$sql = “SELECT email FROM sec_users WHERE email = '”.$param_login."’";

sc_lookup(rs, $sql);

if({rs} === FALSE || count({rs}) == 0)
{
sc_error_message({lang_error_login_not_exist});
sc_error_exit();
}
else
{
return {rs[0][0]};
}

sen_act

$act_code = act_code();

$sql = “UPDATE
sec_users
SET
activation_code = '”. $act_code ."’
WHERE
email = ‘". [usr_login] ."’";

sc_exec_sql($sql);

send_mail_message({lang_send_act_code}
. "
<a href=‘http://". $_SERVER[‘HTTP_HOST’] . $_SERVER[‘SCRIPT_NAME’]. “?act_code=” . $act_code ."’> http://".$_SERVER[‘HTTP_HOST’] . $_SERVER[‘SCRIPT_NAME’]. “?act_code=” . $act_code ." ");

send_new_password

$pswd = act_code();
$sql = “UPDATE sec_users SET pswd = '”. hash(“sha512”,$pswd) ."’ WHERE email = ‘". [usr_login] ."’";
sc_exec_sql($sql);

send_mail_message({lang_send_new_pswd} . $pswd);

send_pasw_mail

sc_lookup(rs, “SELECT
pswd
FROM
sec_users
WHERE
email = '”. [usr_login] ."’");

send_mail_message({lang_send_pswd} . " ". {rs[0][0]}) ;

Under Form Settings / Edit Fields, I changed the {lang_sec_users_fild_login} to {lang_sec_users_fild_email}