We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
    • 73
    • 37 Posts
    I want to build a change password feature into the logins UpdateProfile form, for some reason this doesn’t appear to be supported..

    So I create a snippet as a prehook to update these details when the Update profile form is submitted.
    This is in my update page resource:
    [[!UpdateProfile &preHook=`UpdatePassword`]]  

    To start with I am simply trying to echo out some simple string just to make sure the script is processing okay, so following the instructions at http://rtfm.modx.com/display/ADDON/Login.Using+Pre+and+Post+Hooks for passing back error messages, I am having absolutely no luck!

    Here’s the nebula of my UpdatePassword snippet:
    $pword1 = $scriptProperties['fields']['password'];
    $pword2 = $scriptProperties['fields']['password_confirm'];
    if($pword1 == $pword2){
    	$errorMsg = 'they match';
    	$errorMsg = 'they dont match';
    $scriptProperties['hook']->errors['user'] = $errorMsg; 
    return false;  

    So I am expecting to see the string “they match” or “they dont match” echoed out to the placeholder [[+hook.user]] in the lgnupdateprofile chunk, but alas nothing! Also tried placeholders [[+error.user]], [[+error.hook]] and [[+user.hook]] with no joy sad

    Hope I am not being dumb here?! Any tips very much appreciated...
      • 73
      • 37 Posts
      Now I don’t really want to give up on Revo and revert back to Evo, it’s such a great framework so here I am persevering..

      I’ve decided to stop trying to use the Login package for the change password feature as I can’t even get the hooks to work. I am now just trying to develop a standalone password changing form using the ModX Revo API. Unfortunately this is all very new to me also..

      So with baby steps I’m firstly just trying to echo out the user details in a snippet, but unfortunately the email address is not coming through! So then I try using the modUser.getSettings method, which appears to return an empty set!!
      $user = $modx->getUser();
      $output = "<p>";
      $output .= $user->get('username') . "<br />";
      $output .= $user->get('email') . "<br />";
      $output .= $user->get('password') . "<br />";
      $output .= "</p>";
      $output .= "<p>";
      $settings = $user->getSettings();
      foreach($settings as $key => $value){
      	$output .= $key . ": " . $value . "<br />";
      $output .= "</p>";
      return $output;

      How to return the email address for a start? Any help really appreciated!!

      If I can get this working I am happy to post all the code for all to use..

        • 73
        • 37 Posts
        Found this to answer my own q above:

        $email = $user->getOne('Profile')->get('email'); 
        $output .= "<p>".$email."</p>";

        still a way from changing password form though...
          • 73
          • 37 Posts
          Just went back to the Login’s UpdateProfile snippet, building up from scratch to see where stuff is breaking, and I think I’ve found a bug..

          It was all working fine until I add a hook to the snippet, at which point it breaks, or at the least it stops populating the default fields with the current users details, and gives no feedback after any form submission.

          I can only confirm the syntax for the &postHook parameter from the Modx Addons page, and adding any snippet with this parameter breaks it! I’ve also exhausted all other possible syntax that may be used here (&preHook, &preHooks, &prehook, &postHooks, &posthook, &hook, &hooks) all of which still seem to break the UpdateProfile snippet.

          Does anyone know if this really is a bug, or just something which isn’t covered fully on the docs?
            • 73
            • 37 Posts
            If anyone is actually reading this and wants to add a change password form to their website, I finally managed to do it smiley

             * ChangePassword snippet
            /* setup default properties */
            /* verify authenticated status */
            if (!$modx->user->hasSessionContext($modx->context->get('key'))) {
            /* get profile */
            $profile = $modx->user->getOne('Profile');
            if (empty($profile)) {
                $modx->log(modX::LOG_LEVEL_ERROR,'Could not find profile for user: '.$modx->user->get('username'));
                return '';
            $placeholders = $profile->toArray();
            $modx->toPlaceholders($placeholders, 'chgPwd');
            $error = false;
            if (!empty($_POST) && isset($_POST['updpword-btn'])) {
                  if(strlen($_POST['new_password']) < 8){
                    $modx->toPlaceholder('error.password', '<p class="error">New password must be at least 8 characters</p>');
                    $error = true;
                if($_POST['new_password'] != $_POST['password_confirm']){
                    $modx->toPlaceholder('error.password_confirm', '<p class="error">Passwords do not match!</p>');
                    $error = true;
                if($_POST['old_password'] == ''){
                    $modx->toPlaceholder('error.old_password', '<p class="error">Please provide your existing password</p>');
                    $error = true;
                    // no error messages set
                    // update pword..
                    if($modx->user->changePassword($_POST['new_password'], $_POST['old_password'])){
                        $message = '<p class="success">Successfully updated password.</p>';
                        $message = '<p class="error">Could not update password!</p>';
                $modx->toPlaceholder('error.message', '<p class="error">' . $message . '</p>');
            return '';

            Gave up trying to use the login package as frankly extending classes and the like is beyond my design/graphics background. Ended up just refering to the revo API and built this from the ground up. Its working for me right now but if anyone sees any potential security risks or other improvements I would be interested to know? Just hoping this goes some way to improving the documentation on this great framework..
              • 18835
              • 41 Posts
              nice work,

              But how do I use it?

              I created the snippet ChangePassword.
              Can I use it whe [[Changepassword]] or is there some chunck needed?
                • 73
                • 37 Posts
                This should do it for you..
                <div class="change-password">
                    <form class="form" action="[[~[[*id]]]]" method="post">
                        <label for="new_password">New password</label>
                                <input type="password" name="new_password" id="new_password" />
                        <label for="password_confirm">Confirm password</label>
                            <input type="password" name="password_confirm" id="password_confirm" />
                <br />
                        <label for="old_password">Old password</label>
                            <input type="password" name="old_password" id="old_password" />
                <br />
                            <input type="submit" name="updpword-btn" value="Change password" />
                  • 18835
                  • 41 Posts
                  THNX.. This is working! laugh
                    • 24287
                    • 14 Posts
                    Works perfectly fine for me as well! Thanks so much.

                    I really don’t understand why this is not a part of the login package. What’s the point of reseting the password, generate a new one and not being able to change it to a custom one?
                    • Usually "change password" just means reset a password because the user forgot his password. No need for custom passwords in that case.
                        Studying MODX in the desert - http://sottwell.com
                        Tips and Tricks from the MODX Forums and Slack Channels - http://modxcookbook.com
                        Join the Slack Community - http://modx.org