From 71b71dca297067c956cc62a8ca128474ebab0ae6 Mon Sep 17 00:00:00 2001 From: Mauro Mascia Date: Tue, 21 Apr 2015 16:17:34 +0200 Subject: [PATCH 1/4] Added ability to use the email address when doing a reset password request --- .../Process/ProcessForgotPassword.module | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/wire/modules/Process/ProcessForgotPassword.module b/wire/modules/Process/ProcessForgotPassword.module index da7bb8ac..c0fdd548 100644 --- a/wire/modules/Process/ProcessForgotPassword.module +++ b/wire/modules/Process/ProcessForgotPassword.module @@ -102,7 +102,7 @@ class ProcessForgotPassword extends Process implements ConfigurableModule { $field = $this->modules->get("InputfieldText"); $field->attr('id+name', 'username'); $field->required = true; - $field->label = $this->_("Enter your user name"); + $field->label = $this->_("Enter your user name or email"); $field->description = $this->_("If you have an account in our system with a valid email address on file, an email will be sent to you after you submit this form. That email will contain a link that you may click on to reset your password."); $form->add($field); @@ -140,6 +140,16 @@ class ProcessForgotPassword extends Process implements ConfigurableModule { // user was found, send them an email with reset link $this->step2_sendEmail($user); } + else { + // try also with the email address + $email = $this->sanitizer->email( $this->input->post->username ); + if ( strlen( $email ) ) { + $user = $this->users->get( "email=$email" ); + if ( $user && $user->id && $user->email == $email && !$user->isUnpublished() ) { + $this->step2_sendEmail( $user ); + } + } + } } $out = @@ -224,6 +234,9 @@ class ProcessForgotPassword extends Process implements ConfigurableModule { return; } } + else { + $this->logError('Error in '.__CLASS__.'::'.__FUNCTION__.' : Problems sending password reset email to '.$user->email); + } } /** @@ -403,6 +416,4 @@ class ProcessForgotPassword extends Process implements ConfigurableModule { return $form; } - -} - +} \ No newline at end of file From 0291df27073222728d2587e204e7d814fb02b33e Mon Sep 17 00:00:00 2001 From: Mauro Mascia Date: Tue, 21 Apr 2015 17:24:36 +0200 Subject: [PATCH 2/4] Added an option to enable or disable the ability to let the user enter their email address when requesting a password reset --- .../Process/ProcessForgotPassword.module | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/wire/modules/Process/ProcessForgotPassword.module b/wire/modules/Process/ProcessForgotPassword.module index c0fdd548..2a28a21a 100644 --- a/wire/modules/Process/ProcessForgotPassword.module +++ b/wire/modules/Process/ProcessForgotPassword.module @@ -38,7 +38,8 @@ class ProcessForgotPassword extends Process implements ConfigurableModule { // allow passwords to be reset? $this->set('allowReset', 1); $this->set('table', 'process_forgot_password'); - $this->set('emailFrom', ''); + $this->set('emailFrom', ''); + $this->set('enableUseEmailForReset', 0); } /** @@ -140,7 +141,7 @@ class ProcessForgotPassword extends Process implements ConfigurableModule { // user was found, send them an email with reset link $this->step2_sendEmail($user); } - else { + elseif ( $this->enableUseEmailForReset ) { // try also with the email address $email = $this->sanitizer->email( $this->input->post->username ); if ( strlen( $email ) ) { @@ -412,8 +413,18 @@ class ProcessForgotPassword extends Process implements ConfigurableModule { $f->attr('name', 'emailFrom'); $f->label = __('Email address to send messages from'); if(isset($data['emailFrom'])) $f->attr('value', $data['emailFrom']); - $form->add($f); + $form->add($f); + + $f = wire('modules')->get( 'InputfieldCheckbox' ); + $f->label = __( 'Enable users to enter optionally their email address in place of their username' ); + $f->attr( 'id+name', 'enableUseEmailForReset' ); + $f->attr( 'value', 0 ); + $f->attr( 'checked', empty( $data['enableUseEmailForReset'] ) ? '' : 'checked' ); + $form->add($f); + return $form; } -} \ No newline at end of file + +} + From 9a2a45d179177a4261192e789f8e36ba86519b3c Mon Sep 17 00:00:00 2001 From: Mauro Mascia Date: Tue, 21 Apr 2015 17:37:44 +0200 Subject: [PATCH 3/4] Also the label should change optionally --- wire/modules/Process/ProcessForgotPassword.module | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/wire/modules/Process/ProcessForgotPassword.module b/wire/modules/Process/ProcessForgotPassword.module index 2a28a21a..6b32db20 100644 --- a/wire/modules/Process/ProcessForgotPassword.module +++ b/wire/modules/Process/ProcessForgotPassword.module @@ -102,8 +102,14 @@ class ProcessForgotPassword extends Process implements ConfigurableModule { $field = $this->modules->get("InputfieldText"); $field->attr('id+name', 'username'); - $field->required = true; - $field->label = $this->_("Enter your user name or email"); + $field->required = true; + if ( $this->enableUseEmailForReset ) { + $field->label = $this->_("Enter your user name or email address"); + } + else { + $field->label = $this->_("Enter your user name"); + } + $field->description = $this->_("If you have an account in our system with a valid email address on file, an email will be sent to you after you submit this form. That email will contain a link that you may click on to reset your password."); $form->add($field); From 31058958de27902c9180ad8f8cac7fa9f97bcaff Mon Sep 17 00:00:00 2001 From: Mauro Mascia Date: Tue, 21 Apr 2015 20:28:00 +0200 Subject: [PATCH 4/4] Add check unique email address or fail silently --- wire/modules/Process/ProcessForgotPassword.module | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wire/modules/Process/ProcessForgotPassword.module b/wire/modules/Process/ProcessForgotPassword.module index 6b32db20..d23e09d0 100644 --- a/wire/modules/Process/ProcessForgotPassword.module +++ b/wire/modules/Process/ProcessForgotPassword.module @@ -150,7 +150,7 @@ class ProcessForgotPassword extends Process implements ConfigurableModule { elseif ( $this->enableUseEmailForReset ) { // try also with the email address $email = $this->sanitizer->email( $this->input->post->username ); - if ( strlen( $email ) ) { + if ( strlen( $email ) && count( $this->users->find( "email=$email" ) ) == 1 ) { $user = $this->users->get( "email=$email" ); if ( $user && $user->id && $user->email == $email && !$user->isUnpublished() ) { $this->step2_sendEmail( $user );