cancel
Showing results for 
Search instead for 
Did you mean: 

Correct password change attempt shows mismatch password error in ce1.9.0.1

SOLVED

Correct password change attempt shows mismatch password error in ce1.9.0.1

Hello!

 

So I am currently having an issue in ce 1.9.0.1 where when a customer tries to change their password via change password from the Account page, they will type in current password, and the new password correctly in the new and confirm field, it displays the 'Please make sure your password don't mismatch' error.

 

Oddly enough, going onto the development site which is 95% the exact same site, it works via the dev site, but not the live site.

 

I have checked the Mage/Customer/Model/Customer.php and it is the exact same as the dev site, namely;

 

        $confirmation = $this->getConfirmation();
        if ($password != $confirmation) {
            $errors[] = Mage::helper('customer')->__('Please make sure your passwords match.');
        }

 

Which I know with ce 1.9.1.0, it can cause issues with needing to be 'getPasswordConfirmation();' .. however that is not the issue here.

 

I have also gone and checked the base/default/template/customer/form/edit.phtml to see if anything wonky could've changed there, but also to no avail. I am completely stumped, anyone have any ideas what could be going wrong?? Thanks!

3 REPLIES

Re: Correct password change attempt shows mismatch password error in ce1.9.0.1

Just an update which ended up being the fix. I am not sure exactly what had been changed at some point in time, but the Mage/Customer/controllers/AccountController.php we're different between the live and dev sites, so taking the dev's version to here fixed the issue. Now I must look further to see what was different between the two. But theres that!

Re: Correct password change attempt shows mismatch password error in ce1.9.0.1

Hi I am having the same issue, could you share your AccountController.php?

 

Thanks

Re: Correct password change attempt shows mismatch password error in ce1.9.0.1

@WYamout It turned out that the file had been compromised. I would look into the file for any suspicious code, and in the mean time, download a fresh Magento of your current version, and put the fresh AccountController.php in place of the defective one.