Posted by bob_hirnlego on February 11, 2009 at 10:52am
Jump to:
| Project: | Legal |
| Version: | 6.x-2.2-beta4 |
| Component: | Miscellaneous |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | closed (fixed) |
Issue Summary
Normally - after resetting password - the user is redirected to user/uid/edit to let him change the password.
With legal installed, if user must agree to new conditions, the redirection goes to user/uid instead, breaking the password reset process.
This also contraddicts the statement contained in the mail sent to the user.
Comments
#1
I needed to solve this also.
Changed around line 444 to:
<?phpif (arg(1)=='reset') $add = '/reset';
drupal_goto('legal_accept/' . $signatory->uid . '/' . md5($signatory->name . $signatory->password . $signatory->login).$add);
?>
Changed the end of function legal_login_submit to :
uid . ($reset?'/edit':'');
return;
?>
#2
oops
<?php$reset = (arg(3)=='reset') ;
if ($reset) drupal_set_message('You have just used your one-time login link. It is no longer necessary to use this link to login. Please change your password.');
$form_state['redirect'] = 'user/'. $user->uid . ($reset?'/edit':'');
return;
?>
#3
Having the same problem. It's really confusing my users (who aren't the tech savvy bunch).
My work-around was to programatically add a link in the navigation menu (within my catch-all
.modulefile) with a link to "Set password", then I changed the email to direct their attention to it.<?php
/**
* Implementation of hook_menu
*
* Add a menu item for setting password.
*/
function custommodule_menu(){
$items['user/passwordhelp'] = array(
'title' => 'Set password',
'page callback' => 'custommodule_passwordhelp',
'access callback' => TRUE,
'type' => MENU_NORMAL_ITEM,
);
return $items;
}
/**
* Sets helpful status message and redirects to profile edit page.
*/
function custommodule_passwordhelp() {
global $user;
drupal_set_message(t('Please set your password below.'));
drupal_goto('user/' . $user->uid . '/edit');
}
?>
Just move this to be a child of "My account" and it should be fine. I know, I know, you could just as easily say click "edit", but then there's no fall-back if they don't read your instructions.
#4
To the maintainer: Great work on an awesome module!
I actually stopped by to post a concern and saw this was already filed. Personally, I think it would be better to put an exception for the forgot password flow so that the legal page doesn't pull up. Once someone goes to change their password, they will be promoted to accept the conditions on that page anyway. But the benefit is that the one-time link / password change flow is not interrupted.
Thanks!
#5
Fixed in next version 6.x.8.5
#6
Automatically closed -- issue fixed for 2 weeks with no activity.