it is my opinion that user_password() should be called in userplus.module to ensure a default password is created in the case one is not provided.

My userplus module has been modified in ways that don't fit the project, so I haven't attached a patch. I'll try to do so once I've removed unnecessary code from my copy of the module.

CommentFileSizeAuthor
#1 userplus.module.patch404 bytesdnotes
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

dnotes’s picture

Version: 6.x-2.2 » 6.x-2.3
Category: feature » bug
Status: Needs work » Needs review
FileSize
404 bytes

+1 for this: still an issue in 2.3 and 2.x-dev, and it's so important that I feel it's actually a bug in the module - I created 3 accounts today and the email was sent with "password: !password" - bad form IMHO. Here's a patch based on 2.3 version.

nonzero’s picture

Use strlen instead in the rare case that the password is cast to a boolean false.

if (strlen($u['pass']) == 0) {
  $u['pass'] = user_password();
}
marcp’s picture

Status: Needs review » Fixed

Thanks very much for this. I added a minor tweak so a default password gets created when the password field is filled with whitespace.

         // If they left the password field empty give them a random one.
         if (strlen(trim($u['pass'])) == 0) {
           $u['pass'] = user_password();
         }

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.