[drupal-docs] Password reminder mails will be broken in 4.7
Karoly Negyesi
karoly at negyesi.net
Fri Aug 26 05:49:37 UTC 2005
Hi!
As we now use a one time URL mechanism to let those in who forgot their
password, the reminder mail have been changed. Unlike other updates this
can't be handled automatically since this is user entered text, albeit
with some variables.
Here is the new text:
case 'pass_body':
return t("%username,\n\nA request to reset the password for your
account has been made at %site.\n\nYou may now log in to %uri_brief
clicking on this link or copying and pasting it in your
browser:\n\n%login_url\n\nThis is a one-time login, so it can be used only
once. It expires after one day and nothing will happen if it's not
used.\n\nAfter logging in, you will be redirected to %edit_uri so you can
change your password.", $variables);
Versus the old.
case 'pass_body':
return t("%username,\n\nHere is your new password for %site. You
may now login to %login_uri using the following username and
password:\n\nusername: %username\npassword: %password\n\nAfter logging in,
you may wish to change your password at %edit_uri", $variables);
If someone ever pressed save on admin/settings then the text is served
from DB and not from code. That's the problem.
As you can see, %login_url is needed and %password is no more filled in so
password reminders are pretty much useless.
I have no idea on how should we remind our users of this but somehow we
must. Or at least I think this is important. Feel free to disregard my
email as usual.
Regards
NK
More information about the drupal-docs
mailing list