Adding Reset Password Support To Drupal 6 Password Recovery Email

Note: This post is over two years old and so the information contained here might be out of date. If you do spot something please leave a comment and we will endeavour to correct.

3rd January 2012 - 4 minutes read time

Drupal is capable of sending out a few different emails to users depending on different actions. The emails can be customised quite nicely with usernames, passwords, email addresses and other things by using a set of tokens. The password recovery email states that you can use the "!password" token to send the user their new password, but after a few tests I found that this token doesn't get replaced when the email is sent out.

The simplest solution here is just to remove this token from the description for this email. However, if you do want to allow user's to reset (and receive) their passwords by using this form then there are a couple of simple things you can do.

The first thing to be done is alter the user_pass form so that it uses a custom submit function that we will write. Add the following form hook to a module (or create your own for this purpose).

/**
 * Implements hook_form_form-id_alter().
 *
 * Overwrite the submit function of the request new password form.
 */
function mymodule_form_user_pass_alter(&amp;$form, &amp;$form_state) {
  $form['#submit'] = array('mymodule_user_pass_submit');
}

The next step is to rewrite the code of the user_pass_submit() submit function, but to create a save the user's password. All we need to do is call user_password() to create a password, save it to the user's account using user_save() and then make sure that it is passed to the email template.

/**
 * Overrides the submit function user_pass_submit().
 *
 * @see mymodule_form_user_pass_alter()
 */
function mymodule_user_pass_submit($form, &$form_state) {
  global $language;

  $account = $form_state['values']['account'];
  
  // Generate new password
  $password = user_password();
  
  // Save new password
  $savedetails = array('pass' => $password);
  user_save($account, $savedetails);
  
  // Set password parameter of $account object so that the new password is emailed.
  $account->password = $password;
  
  // Continue with the rest of the submit function
  
  // Mail one time login URL and instructions using current language.
  _user_mail_notify('password_reset', $account, $language);
  watchdog('user', 'Password reset instructions mailed to %name at %email.', array('%name' => $account->name, '%email' => $account->mail));
  drupal_set_message(t('Further instructions have been sent to your e-mail address.'));

  $form_state['redirect'] = 'user';
  return;
}

Now when your user's request a new password there current password will be changed and emailed to them.

password

Drupal

Drupal 6

Comments

Exactelly what i'm searching, thanks

Submitted by Anonymous on Tue, 01/10/2012 - 11:05

Permalink

Hi, Little bit out of topic. Do you have a snippets to redirect user to homepage"" instead of "/user", after user request to change password from "user/password"

Submitted by Xavier on Tue, 05/08/2012 - 09:23

Permalink

You could try using the Login Destination to redirect the user, although that might not be what you are after. An alternative would be to use a hook_form_alter() on the password form to add a redirect to the form submission.

Philip Norton

Submitted by philipnorton42 on Tue, 05/08/2012 - 10:39

Permalink

Adding Reset Password Support To Drupal 6 Password Recovery Email

Comments

Add new comment

Related Content

Drupal 10: Creating Context Aware Plugins

Drupal 10: Migrating Flags With The Migrate Module

Drupal 10: Programmatically Injecting Context Into Blocks

Drupal 10: Creating Custom Context Providers

Drupal 10: Using Context Definitions To Create Context Aware Plugins

Drupal 9: Loading Configuration Entities Using Entity Query