I have created an 'account activation email' message as follows:

Congratulations, your account at !site has been activated.

You may log in with following username and password:

username: !username
password: !password

When the message is recieved the !password is not converted to the users password. I'm guessing this is because the password is encrypted and therefore can not be retrieved.

But the help text for the this reads:

Enable and customize e-mail messages sent to users upon account activation (when an administrator activates an account of a user who has already registered, on a site where administrative approval is required). Available variables are: !username, !site, !password, !uri, !uri_brief, !mailto, !date, !login_uri, !edit_uri, !login_url.

Should the !password be removed?

Comments

Anonymous’s picture

Anonymous (not verified) CreditAttribution: Anonymous commented
Version: 6.3 » 5.14

I have this problem to.
Do you use a translation on your site (Dutch in my case). This might be the problem, since I have had this problem to with the pathauto module: See this thread: http://drupal.org/node/329506

This problem is different but might be related. But I don't know whether the translation really caused the problem like in the link.

cjgammon’s picture

cjgammon CreditAttribution: cjgammon commented

Was this problem ever solved? It doesn't seem to make sense that it is a translation issue. It says that the system will set up a password, but then when you try to echo that in the e-mail with !password, it doesn't work.

Anonymous’s picture

Anonymous (not verified) CreditAttribution: Anonymous commented

As far as I know this isn't solved. I also don't have the PHP skills yet to dive in the code and solve this myself, but if there's anybody here who has this problem too and who can fix it, it would be nice of course if the fix becomes public.

cjgammon’s picture

cjgammon CreditAttribution: cjgammon commented

This problem exists in drupal 6 as well.

degeer’s picture

degeer CreditAttribution: degeer commented

The following function is called (in drupal6):

function user_mail_tokens($account, $language) {
  global $base_url;
  $tokens = array(
    '!username' => $account->name,
    '!site' => variable_get('site_name', 'Drupal'),
    '!login_url' => user_pass_reset_url($account),
    '!uri' => $base_url,
    '!uri_brief' => preg_replace('!^https?://!', '', $base_url),
    '!mailto' => $account->mail,
    '!date' => format_date(time(), 'medium', '', NULL, $language->language),
    '!login_uri' => url('user', array('absolute' => TRUE, 'language' => $language)),
    '!edit_uri' => url('user/'. $account->uid .'/edit', array('absolute' => TRUE, 'language' => $language)),
  );
  if (!empty($account->password)) {
    $tokens['!password'] = $account->password;
  }
  return $tokens;
}

- !password is only set if the account password ($account->password) isn't empty.

I'm using http://drupal.org/project/genpass to automatically generate passwords, but it seems like $account->empty is empty anyway..

maheshvanneldas’s picture

maheshvanneldas CreditAttribution: maheshvanneldas commented

You can check for the hook_mail_alter, which in my case i found it in "user_type" module and the function is "user_types_mail_alter"

Here in $variables the !password is missing, we can add this missing value.

/**
 * Implementation of hook_mail_alter().
 * Override mail for user type if needed.
 */
function user_types_mail_alter(&$message) {
  switch ($message['id']) {
    case 'user_register_no_approval_required':
    case 'user_register_pending_approval':
      $user_type_id = user_types_add_page_id();
      $check = ($user_type_id == -1) ? 'user_types_untyped_mail_check' : 'user_types_mail_check_'. $user_type_id;
      $body_text = ($user_type_id == -1) ? 'user_types_untyped_mail_text' : 'user_types_mail_text_'. $user_type_id;
      if (variable_get($check, 0) == 1) {
        global $base_url;
        // Get new user
        $account = user_load(array('uid' => $GLOBALS['new_user']));
        $variables = array('!username' => $account->name, '!site' => variable_get('site_name', 'Drupal'), '!login_url' => user_pass_reset_url($account), '!uri' => $base_url, '!uri_brief' => substr($base_url, strlen('http://')), '!mailto' => $account->mail, '!date' => format_date(time()), '!login_uri' => url('user', array('absolute' => TRUE)), '!edit_uri' => url('user/'. $account->uid .'/edit', array('absolute' => TRUE)));
        $message['body'] = t(variable_get($body_text, _user_mail_text('welcome_body')), $variables);
      }
      break;
  }
}

Which i did 

/**
 * Implementation of hook_mail_alter().
 * Override mail for user type if needed.
 */
function user_types_mail_alter(&$message) {
  switch ($message['id']) {
    case 'user_register_no_approval_required':
    case 'user_register_pending_approval':
      $user_type_id = user_types_add_page_id();
      $check = ($user_type_id == -1) ? 'user_types_untyped_mail_check' : 'user_types_mail_check_'. $user_type_id;
      $body_text = ($user_type_id == -1) ? 'user_types_untyped_mail_text' : 'user_types_mail_text_'. $user_type_id;
      if (variable_get($check, 0) == 1) {
        global $base_url;
        // Get new user
        $account = user_load(array('uid' => $GLOBALS['new_user']));
        $variables = array('!username' => $account->name, '!password' => strip_tags($_POST['pass']['pass1']), '!site' => variable_get('site_name', 'Drupal'), '!login_url' => user_pass_reset_url($account), '!uri' => $base_url, '!uri_brief' => substr($base_url, strlen('http://')), '!mailto' => $account->mail, '!date' => format_date(time()), '!login_uri' => url('user', array('absolute' => TRUE)), '!edit_uri' => url('user/'. $account->uid .'/edit', array('absolute' => TRUE)));
        $message['body'] = t(variable_get($body_text, _user_mail_text('welcome_body')), $variables);
      }
      break;
  }
}
balsama’s picture

balsama
he/him
Primary language English
Location boston
CreditAttribution: balsama commented

I don't this is possible (possible to send the password in any email other than the account creation).

Drupal generates the password at account creation. Then hashes it and stores it in the database. There is no way to retrieve the unhashed version of the password after it is stored.

I think you would have to modify core to generate and store a new password when the activation email is sent.

Somebody please correct me if I am wrong.

mtpultz’s picture

mtpultz CreditAttribution: mtpultz commented

I've got this problem too trying to hunt down the above code and directly change it unfortunately I don't know any better.

I would think it should be possible as in my case a user can create an account, the admin gives them a password or has it auto selected and unblocks the account which triggers the activation email. Which in the user_settings page says that !password is a valid template variable.

Any other solutions then hacking? hack hack hack ACK!

Thanks :)

dpearcefl’s picture

dpearcefl CreditAttribution: dpearcefl commented
Status: Active » Closed (won't fix)

Considering the lack of activity on this issue and that Drupal v5 is no longer supported by fixes or patches, I am going to close this ticket. If this issue still exists and you want to continue to ask for technical support, please reopen and update this ticket.

jfama’s picture

jfama CreditAttribution: jfama commented
Version: 5.14 » 7.0
Status: Closed (won't fix) » Active

3 years and two versions later, this core issue hasn't been resolved. Any ideas? Does it just make sense to not have the username/password combo and just the login url by default?

marcingy’s picture

marcingy CreditAttribution: marcingy commented
Status: Active » Closed (works as designed)

Password no longer exists as a token for security reasons only a 1 time login link now exists.