Jump to content
Sign in to follow this  

Custom Password Reset Page

Recommended Posts


So just like a custom login page, I would like to use a custom password reset page that allows customers to reset their password. The integration code readily available within WHMCS made it a breeze to setup custom page for login but not so much for password reset.

With some digging around, I was able to narrow down to the code below used on this WHMCS  page - https://abc.com/password/reset/begin

<form method="post" action="/password/reset/email/validate" role="form">
<input type="hidden" name="token" value="3f91d283a2546395d504d9d6cf0c218895584fca" />
<input type="hidden" name="action" value="reset" />

<div class="form-group">
<label for="inputEmail">Email Address</label>
<input type="email" name="email" class="form-control" id="inputEmail" placeholder="Enter email" autofocus>

<div class="text-center margin-bottom">

<div class="form-group text-center">
<button type="submit" class="btn primary-solid-btn">



I paste this code in a html file and test it out and it works intermittently but when uploaded to server (and after the custom redirections are taken care of for password reset), it does not work. I input the email address, and in following step it then displays a WHMCS 404 Oops Page instead of successfully sending password reset link over email.

To add, my WHMCS is well setup and password reset feature worked just fine before I tried setting up custom page i.e. pwreset.php still works fine but custom page passreset.html does not

I highly doubt the first two lines of the above code and I think culprit lies there. The value in 2nd line of code changes at every request and I have not been able to get my head around it on how to correctly implement it.

Please help!

Thank you in advance.




Share this post

Link to post
Share on other sites

Update - I was able to make this work but had to disable "CSRF Tokens: General" setting under General --> Security, which I am not so glad about.

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Similar Content

    • By Manchester Web Hosting
      Hello everyone,
      Hoping someone can point me in the right direction. Bascially  after reviewing our video heatmaps we have found loads of drop offs on our checkout page due to potential new customers getting frustrted with having to keep inputting the password and security question IF the checkout form has any errors OR hasnt been filled out with all the required details.
      IF thats the case then the form refreshes and points out the errors. Now what we noiced is that the customer would the fill out OR correct the errors being pointed too and then submit BUT they dont fill out the password OR security question again as (I ASSUME) they think its already present when in fact its been cleared.
      Have seen potential customers going through the checkout form up to 10 times (I know right!) filling out the form and adding in missing OR fields that contain errors. Would be ideal IF they looked at everything and ensured that they filled out everything the first time round. A perfect customer alas thats not the case.
      SO trying to figure out how to keep anything inserted in the password and security answer fields at the very least saved AS they are for the personal fields (name + address) in case there is an error and the page spits out which errors those are. At the very least they wont have to add in those details again (as thats whats making them go round and round in circles!!!)
      Further, it would be great if that can also be applied to the card number and expiry field NOT the cvv tho for abovious reasons...
      I have checked the following files and cannot see where that removal takes place:
      js/jquery.payment.js js/scripts.min.js Also checked the HTML to see if there is any indicators there but cannot find anything. Pretty sure I am misssing something here i.e where the validation uccors maybe thats where those fileds are getting stripped?
      Any pointers to what I am missing OR how to implement that? I was thinking that dding in a class OR additional bootstrap class direct into the HTML field output would help?
    • By lamjed001
      From WHMCS 8.0 i noticed that Custom Field of type password become encrypted, how ?
      when i get Custom Field ( type password ) value via my module to make account with this password i saw that password is encrypted
      i used decrypt($password) it works fine
      but when i change the custom field type to text so decrypt($password) will not work because password already decoded ( original value )
      So my question is : how to get password from custom field ( type text btw this is not encrypted ) and from custom field ( type password encrypted ) because i need my addon to be compatible with both types

      Note : custom field of type text do not encrypt
      custom field of type password it become encrypted
    • By battles
      We can no longer reset client passwords from the Admin area nor can our clients reset password from the login/forgot password area.
    • By ModulesGarden
      1. Making Headway Towards Full WHMCS V8.0 Support

      As you most probably know, WHMCS V8.0 currently enjoys the beta status, and the stable version is only a matter of time as well. This can only mean one thing - we have once again put all our modules on the examination table!

      We are already releasing on a daily basis new WHMCS V8.0 and PHP 7.4 compatibility updates so catch up with all the latest releases, and stay on the lookout for more upcoming ones!
      cPanel Manage2 For WHMCS - v1.5.3 DirectAdmin Licenses For WHMCS - v1.4.1 Discount Center For WHMCS - v1.4.8 DNS Manager For WHMCS - v2.14.2 EURid Registrar For WHMCS - v1.3.3 Hosting Quota Notifications For WHMCS - v2.0.7 Name.com Registrar For WHMCS - v1.2.3 Password Manager For WHMCS - v2.2.10 Plesk Extended For WHMCS - v3.4.3 Quotes Automation For WHMCS - v2.1.3 Servertastic SSL For WHMCS - 1.4.4 Social Media Login For WHMCS - v1.3.6 Support Tickets Allocator For WHMCS - v1.3.4 Support Tickets Filter For WHMCS - v1.1.9 Unban Center For WHMCS - v2.3.2 WordPress Manager For WHMCS - v1.5.2
      Browse the Complete Support List!

      2. EasyDCIM v1.7.0 Release

      With the announcement of an all-new 1.7.0 version, EasyDCIM has once again hit the sweet spot by implementing a multi-purpose monitoring toolkit. This eagerly-welcomed feature simplifies greatly round-the-clock supervision of all devices and network ports, thereby allowing you to run your business without any risk of technical failure.

      This landmark event also includes the introduction of a brand new gear to a diverse collection of EasyDCIM-oriented modules. Advanced Monitoring For EasyDCIM has been designed to further extend the choice of actions to be performed within the area of monitors management.

      We also specifically recommend you check out the new mechanisms of system notifications, revisioned in such a way that you will never again miss any crucial change in the operation of your data center.

      Work Smarter Not Harder with EasyDCIM v1.7.0!

      Need Custom Software Development For Your Business?
      Get Your Free Quote Now! Specially for you we will adapt an application and its design to your own needs, create a new module or even a completely new system built from scratch!
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated