Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Attached patch:
- Removes a now unnecessary #weight attribute.
- Checks for e-mail address validity before performing a costly user_load.
- Trims user input.
- Removes a notice
$account->uid
when $account is not an object [no account found]. - email should be e-mail.
-K
Comment | File | Size | Author |
---|---|---|---|
#9 | user_pass_fix.patch | 879 bytes | Gábor Hojtsy |
#5 | password-reset-correction_1.patch | 1.14 KB | Pasqualle |
#2 | password-reset-correction.patch | 1.12 KB | Zen |
pass-reset-form.patch | 1.72 KB | Zen | |
Comments
Comment #1
Dries CreditAttribution: Dries commentedWorks for me! Tested and committed.
Comment #2
Zen CreditAttribution: Zen commentedHi,
I just noticed that my earlier patch does not address usernames using an e-mail address format. The attached patch fixes that.
Thanks,
-K
Comment #3
Zen CreditAttribution: Zen commentedPatch still applies cleanly.
Comment #4
keith.smith CreditAttribution: keith.smith commentedBut no longer :(
# patch -p0 < password-reset-correction.patch
(Stripping trailing CRs from patch.)
patching file modules/user/user.module
Hunk #1 FAILED at 1169.
1 out of 1 hunk FAILED -- saving rejects to file modules/user/user.module.rej
Comment #5
Pasquallereroll
test:
1. admin/user/user/create - create user with name: name@name.com email: mail@mail.com
2. logout
3. user/password - enter name@name.com
Comment #6
Dries CreditAttribution: Dries commentedI might be better to roll back to the original version then? It's slightly more easier to read, IMO.
Comment #7
Gábor HojtsyDries, I assume you mean the original version of the patch. It is not exactly right, as it identifies "Dries@drupal.org" kind of usernames (as supported by drupal.module in previous Drupal versions, possible to install alongside Drupal 6 as a contrib) as an email address and will fail to load the user, not going to try this as a username too.
Comment #8
catchJust to confirm I tested this on a clean install, and it works fine with name@name usernames. So I'm marking to RTBC.
Comment #9
Gábor HojtsyI looked at the patches, and reread Dries' concern. Indeed, we should not call something a cleanup, when it solves the same problem with over-commented, hard to follow code, when it does not solve any performance problems at the same time. The password request page is so seldom used, that I rolled back to the more cleaner version (but still added two lines of comments there to make it clear).
Committed the attached patch.
Comment #10
(not verified) CreditAttribution: commentedAutomatically closed -- issue fixed for two weeks with no activity.