Skip to content

Commit

Permalink
pkp#9301 removed user email address confirmation from password reset …
Browse files Browse the repository at this point in the history
…message (pkp#9519)
  • Loading branch information
touhidurabir authored Nov 17, 2023
1 parent 0eb9391 commit 80eb1bc
Show file tree
Hide file tree
Showing 2 changed files with 28 additions and 35 deletions.
3 changes: 0 additions & 3 deletions locale/en/user.po
Original file line number Diff line number Diff line change
Expand Up @@ -504,9 +504,6 @@ msgstr ""
"Your data is stored in accordance with our <a href=\"{$privacyUrl}\" target="
"\"_blank\">privacy statement</a>."

msgid "user.login.lostPassword.invalidUser"
msgstr "No user exists with the specified email address."

msgid "user.login.lostPassword.confirmationSentFailedWithReason"
msgstr "Unable to complete password reset request because {$reason}."

Expand Down
60 changes: 28 additions & 32 deletions pages/login/LoginHandler.php
Original file line number Diff line number Diff line change
Expand Up @@ -223,45 +223,41 @@ public function requestResetPassword($args, $request)
$email = $request->getUserVar('email');
$user = Repo::user()->getByEmail($email, true); /** @var User $user */

if ($user === null) {
$templateMgr
->assign('error', 'user.login.lostPassword.invalidUser')
->display('frontend/pages/userLostPassword.tpl');

return;
}
if ($user !== null) {

if ($user->getDisabled()) {
$templateMgr
->assign([
'error' => 'user.login.lostPassword.confirmationSentFailedWithReason',
'reason' => empty($reason = $user->getDisabledReason() ?? '')
? __('user.login.accountDisabled')
: __('user.login.accountDisabledWithReason', ['reason' => htmlspecialchars($reason)])
])
->display('frontend/pages/userLostPassword.tpl');

return;
}

if ($user->getDisabled()) {
$templateMgr
->assign([
'error' => 'user.login.lostPassword.confirmationSentFailedWithReason',
'reason' => empty($reason = $user->getDisabledReason() ?? '')
? __('user.login.accountDisabled')
: __('user.login.accountDisabledWithReason', ['reason' => htmlspecialchars($reason)])
])
->display('frontend/pages/userLostPassword.tpl');
// Send email confirming password reset
$site = $request->getSite(); /** @var Site $site */
$context = $request->getContext(); /** @var Context $context */
$template = Repo::emailTemplate()->getByKey(
$context ? $context->getId() : PKPApplication::CONTEXT_SITE,
PasswordResetRequested::getEmailTemplateKey()
);
$mailable = (new PasswordResetRequested($site))
->recipients($user)
->from($site->getLocalizedContactEmail(), $site->getLocalizedContactName())
->body($template->getLocalizedData('body'))
->subject($template->getLocalizedData('subject'));
Mail::send($mailable);

return;
}

// Send email confirming password reset
$site = $request->getSite(); /** @var Site $site */
$context = $request->getContext(); /** @var Context $context */
$template = Repo::emailTemplate()->getByKey(
$context ? $context->getId() : PKPApplication::CONTEXT_SITE,
PasswordResetRequested::getEmailTemplateKey()
);
$mailable = (new PasswordResetRequested($site))
->recipients($user)
->from($site->getLocalizedContactEmail(), $site->getLocalizedContactName())
->body($template->getLocalizedData('body'))
->subject($template->getLocalizedData('subject'));
Mail::send($mailable);

$templateMgr->assign([
'pageTitle' => 'user.login.resetPassword',
'message' => 'user.login.lostPassword.confirmationSent',
'backLink' => $request->url(null, $request->getRequestedPage(), null, null, ['username' => $user->getUsername()]),
'backLink' => $request->url(null, $request->getRequestedPage(), null, null),
'backLinkLabel' => 'user.login',
])->display('frontend/pages/message.tpl');
}
Expand Down

0 comments on commit 80eb1bc

Please sign in to comment.