Commit 844d71ef authored by Nigel McNie's avatar Nigel McNie
Browse files

The 'forgot password' feature can now tell you your username.

You can now enter your username and be sent a password reminder too.

Several users of MyPortfolio have reported issues when they thought they knew their username but they didn't. Hopefully the email now telling you your username will help this.

Several language strings had to be changed. This is a bit suck, going on 1.0_STABLE.
parent 88d49607
......@@ -1465,7 +1465,7 @@ function auth_generate_login_form() {
),
'register' => array(
'value' => '<div><a href="' . get_config('wwwroot') . 'register.php" tabindex="2">' . get_string('register') . '</a>'
. '<br><a href="' . get_config('wwwroot') . 'forgotpass.php" tabindex="2">' . get_string('passwordreminder') . '</a></div>'
. '<br><a href="' . get_config('wwwroot') . 'forgotpass.php" tabindex="2">' . get_string('lostusernamepassword') . '</a></div>'
)
)
)));
......
......@@ -85,8 +85,9 @@ if (isset($_GET['key'])) {
$smarty->assign('heading', get_string('changepassword'));
$smarty->display('forgotpass.tpl');
exit;
} else {
define('TITLE', get_string('forgotpassword'));
}
else {
define('TITLE', get_string('forgotusernamepassword'));
}
$form = array(
......@@ -95,34 +96,36 @@ $form = array(
'action' => '',
'autofocus' => true,
'elements' => array(
'email' => array(
'emailusername' => array(
'type' => 'text',
'title' => get_string('emailaddress'),
'title' => get_string('emailaddressorusername'),
'description' => get_string('emailaddressdescription'),
'rules' => array(
'required' => true,
'email' => true
)
),
'submit' => array(
'type' => 'submit',
'value' => get_string('send')
'value' => get_string('sendrequest')
)
)
);
function forgotpass_validate(Pieform $form, $values) {
// The e-mail address cannot already be in the system
if (!$form->get_error('email') && !($user = get_record('usr', 'email', $values['email']))) {
$form->set_error('email', get_string('forgotpassnosuchemailaddress'));
return;
// See if the user input an email address or a username. We favour email addresses
if (!$form->get_error('emailusername')) {
if (!($authinstance = get_field('usr', 'authinstance', 'email', $values['emailusername']))) {
if (!($authinstance = get_field('usr', 'authinstance', 'username', $values['emailusername']))) {
$form->set_error('emailusername', get_string('forgotpassnosuchemailaddressorusername'));
}
}
}
if ($form->get_error('email')) {
if ($form->get_error('emailusername')) {
return;
}
$authobj = AuthFactory::create($user->authinstance);
$authobj = AuthFactory::create($authinstance);
if (!method_exists($authobj, 'change_password')) {
die_info(get_string('cantchangepassword'));
}
......@@ -132,11 +135,12 @@ function forgotpass_submit(Pieform $form, $values) {
global $SESSION;
try {
if (!$user = get_record('usr', 'email', $values['email'])) {
die_info(get_string('forgotpassnosuchemailaddress'));
if (!$user = get_record('usr', 'email', $values['emailusername'])) {
if (!$user = get_record('usr', 'username', $values['emailusername'])) {
die_info(get_string('forgotpassnosuchemailaddressorusername'));
}
}
$pwrequest = new StdClass;
$pwrequest->usr = $user->id;
$pwrequest->expiry = db_format_timestamp(time() + 86400);
......@@ -144,9 +148,22 @@ function forgotpass_submit(Pieform $form, $values) {
$sitename = get_config('sitename');
$fullname = display_name($user);
email_user($user, null,
get_string('forgotpassemailsubject', 'mahara', $sitename),
get_string('forgotpassemailmessagetext', 'mahara', $fullname, $sitename, $pwrequest->key, $sitename, $pwrequest->key),
get_string('forgotpassemailmessagehtml', 'mahara', $fullname, $sitename, $pwrequest->key, $pwrequest->key, $sitename, $pwrequest->key, $pwrequest->key));
get_string('forgotusernamepasswordemailsubject', 'mahara', $sitename),
get_string('forgotusernamepasswordemailmessagetext', 'mahara',
$fullname,
$sitename,
$user->username,
get_config('wwwroot') . 'forgotpass.php?key=' . $pwrequest->key,
get_config('wwwroot') . 'contact.php',
$sitename),
get_string('forgotusernamepasswordemailmessagehtml', 'mahara',
$fullname,
$sitename,
$user->username,
get_config('wwwroot') . 'forgotpass.php?key=' . $pwrequest->key,
get_config('wwwroot') . 'forgotpass.php?key=' . $pwrequest->key,
get_config('wwwroot') . 'contact.php',
$sitename));
insert_record('usr_password_request', $pwrequest);
}
catch (SQLException $e) {
......@@ -201,7 +218,7 @@ function forgotpasschange_submit(Pieform $form, $values) {
$smarty = smarty();
$smarty->assign('forgotpass_form', pieform($form));
$smarty->assign('heading', get_string('forgotpassword'));
$smarty->assign('heading', get_string('forgotusernamepassword'));
$smarty->display('forgotpass.tpl');
?>
<h3>Password Reminder</h3>
<p>If you have forgotten your password you can request a new one. Enter your primary email address in the box and click Send. You will be automatically emailed a link. Follow this to confirm your reset request and change your password.</p>
<p><strong>Warning:</strong> If you receive a password change email that you have not requested it may be fraudulent. Please forward the email to the site administrator with an explanatory note.</p>
<h3>Username/Password Reminder</h3>
<p>If you have forgotten your username or password, the site can send you a message telling you your username, and providing you a link you can click to reset your password. Enter your username or primary email address in the box and click 'Send request'. You will be automatically emailed. To change your password, follow the link in the email to confirm your reset request.</p>
<p><strong>Warning:</strong> If you receive a password change email that you have not requested it may be fraudulent. Do not click any links in such emails.</p>
......@@ -278,46 +278,47 @@ $string['language'] = 'Language';
// Forgot password
$string['cantchangepassword'] = 'Sorry, you are unable to change your password through this interface - please use your institution\'s interface instead';
$string['forgotpassword'] = 'Forgotten your password?';
$string['forgotpasswordtext'] = 'If you have forgotten your password, enter below the primary email address you have listed in your Profile and we will send you a key you can use to give yourself a new password';
$string['passwordreminder'] = 'Password Reminder';
$string['forgotusernamepassword'] = 'Forgotten your username or password?';
$string['forgotusernamepasswordtext'] = '<p>If you have forgotten your username or password, enter the email address listed in your profile and we will send you a message you can use to give yourself a new password.</p>
<p>If you know your username and have forgotten your password, you can also enter your username instead.</p>';
$string['lostusernamepassword'] = 'Lost Username/Password';
$string['emailaddressorusername'] = 'Email address or username';
$string['pwchangerequestsent'] = 'You should receive an e-mail shortly with a link you can use to change the password for your account';
$string['forgotpassemailsubject'] = 'Change password request for %s';
$string['forgotpassemailmessagetext'] = 'Dear %s,
$string['forgotusernamepasswordemailsubject'] = 'Username/Password details for %s';
$string['forgotusernamepasswordemailmessagetext'] = 'Dear %s,
A request to reset your password has been received for your %s account.
A username/password request has been made for your account on %s.
Please follow the link below to continue the reset process.
Your username is %s.
' . get_config('wwwroot') . 'forgotpass.php?key=%s
If you wish to reset your password, please follow the link below:
%s
If you did not request a password reset, please ignore this email.
If you have any questsions regarding the above, please feel free to contact
us.
If you have any questions regarding the above, please feel free to contact us:
' . get_config('wwwroot') . 'contact.php
%s
Regards, %s Site Administrator
Regards, %s Site Administrator';
$string['forgotusernamepasswordemailmessagehtml'] = '<p>Dear %s,</p>
' . get_config('wwwroot') . 'forgotpass.php?key=%s';
$string['forgotpassemailmessagehtml'] = '<p>Dear %s,</p>
<p>A username/password request has been made for your account on %s.</p>
<p>A request to reset your password has been received for your %s account.</p>
<p>Your username is <strong>%s</strong>.</p>
<p>Please follow the link below to continue the reset process.</p>
<p>If you wish to reset your password, please follow the link below:</p>
<p><a href="' . get_config('wwwroot') . 'forgotpass.php?key=%s">' . get_config('wwwroot') . 'forgotpass.php?key=%s</a></p>
<p><a href="%s">%s</a></p>
<p>If you did not request a password reset, please ignore this email.</p>
<p>If you have any questsions regarding the above, please feel free to <a href="' . get_config('wwwroot') . 'contact.php">contact us</a>.</p>
<p>If you have any questions regarding the above, please feel free to <a href="%s">contact us</a>.</p>
<p>Regards, %s Site Administrator</p>
<p><a href="' . get_config('wwwroot') . 'forgotpass.php?key=%s">' . get_config('wwwroot') . 'forgotpass.php?key=%s</a></p>';
<p>Regards, %s Site Administrator</p>';
$string['forgotpassemailsendunsuccessful'] = 'Sorry, it appears that the e-mail could not be sent successfully. This is our fault, please try again shortly';
$string['forgotpassnosuchemailaddress'] = 'The email address you entered doesn\'t match any users for this site';
$string['forgotpassnosuchemailaddressorusername'] = 'The email address or username you entered doesn\'t match any users for this site';
$string['forgotpasswordenternew'] = 'Please enter your new password to continue';
$string['nosuchpasswordrequest'] = 'No such password request';
$string['passwordchangedok'] = 'Your password was successfully changed';
......
......@@ -3,7 +3,7 @@
{include file="columnfullstart.tpl"}
{if $forgotpass_form}
<p>{str tag="forgotpasswordtext"}</p>
{str tag="forgotusernamepasswordtext"}
{$forgotpass_form}
{/if}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment