Adding Reset Password Support To Drupal 6 Password Recovery Email
Note: This post is over two years old and so the information contained here might be out of date. If you do spot something please leave a comment and we will endeavour to correct.
3rd January 2012 - 4 minutes read time
Drupal is capable of sending out a few different emails to users depending on different actions. The emails can be customised quite nicely with usernames, passwords, email addresses and other things by using a set of tokens. The password recovery email states that you can use the "!password" token to send the user their new password, but after a few tests I found that this token doesn't get replaced when the email is sent out.
The simplest solution here is just to remove this token from the description for this email. However, if you do want to allow user's to reset (and receive) their passwords by using this form then there are a couple of simple things you can do.
The first thing to be done is alter the user_pass form so that it uses a custom submit function that we will write. Add the following form hook to a module (or create your own for this purpose).
/**
* Implements hook_form_form-id_alter().
*
* Overwrite the submit function of the request new password form.
*/
function mymodule_form_user_pass_alter(&$form, &$form_state) {
$form['#submit'] = array('mymodule_user_pass_submit');
}
The next step is to rewrite the code of the user_pass_submit() submit function, but to create a save the user's password. All we need to do is call user_password() to create a password, save it to the user's account using user_save() and then make sure that it is passed to the email template.
/**
* Overrides the submit function user_pass_submit().
*
* @see mymodule_form_user_pass_alter()
*/
function mymodule_user_pass_submit($form, &$form_state) {
global $language;
$account = $form_state['values']['account'];
// Generate new password
$password = user_password();
// Save new password
$savedetails = array('pass' => $password);
user_save($account, $savedetails);
// Set password parameter of $account object so that the new password is emailed.
$account->password = $password;
// Continue with the rest of the submit function
// Mail one time login URL and instructions using current language.
_user_mail_notify('password_reset', $account, $language);
watchdog('user', 'Password reset instructions mailed to %name at %email.', array('%name' => $account->name, '%email' => $account->mail));
drupal_set_message(t('Further instructions have been sent to your e-mail address.'));
$form_state['redirect'] = 'user';
return;
}
Now when your user's request a new password there current password will be changed and emailed to them.
Hi,
Little bit out of topic.
Do you have a snippets to redirect user to homepage"" instead of "/user",
after user request to change password from "user/password"
You could try using the Login Destination to redirect the user, although that might not be what you are after.
An alternative would be to use a hook_form_alter() on the password form to add a redirect to the form submission.
Name
Philip Norton
Submitted by giHlZp8M8D on Tue, 05/08/2012 - 10:39
One of Drupal's strengths is its ability to create communities of users who contribute towards the content of the site. Whether you have an open forum, where users can create their own accounts, or a closed magazine with just a few editors your need to take the security of your users seriously.
Drupal has a quick and convenient way of creating ajax dialogs that gives users the ability to embed links in content that open up dialog boxes when clicked. This is a useful way of presenting a bit of content to a user without them navigating away from the page.
There are a number of different tools that allow you to validate and test a Drupal site. Inspecting your custom code allows you to adhere to coding standards and ensure that you stamp our common coding problems. Adding tests allows you to make certain that the functionality of your Drupal site works correctly.
Comments
Exactelly what i'm searching, thanks
Submitted by Anonymous on Tue, 01/10/2012 - 11:05
PermalinkSubmitted by Xavier on Tue, 05/08/2012 - 09:23
PermalinkSubmitted by giHlZp8M8D on Tue, 05/08/2012 - 10:39
PermalinkAdd new comment