aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorCash Costello <cash.costello@gmail.com>2011-11-19 07:45:33 -0500
committercash <cash.costello@gmail.com>2011-11-28 21:44:01 -0500
commit4f1c656f51bacaa5c9e3e0550cf0cfb3422f879f (patch)
tree76a8d23750d7442477023abf37d60c8b01832cbb
parent268b33d5338ec2e4da9a0a3c81a8917ce1bfda60 (diff)
downloadelgg-4f1c656f51bacaa5c9e3e0550cf0cfb3422f879f.tar.gz
elgg-4f1c656f51bacaa5c9e3e0550cf0cfb3422f879f.tar.bz2
Fixes #641 users can submit email address to reset password
-rw-r--r--actions/login.php1
-rw-r--r--actions/user/requestnewpassword.php5
-rw-r--r--languages/en.php10
-rw-r--r--views/default/forms/user/requestnewpassword.php2
4 files changed, 11 insertions, 7 deletions
diff --git a/actions/login.php b/actions/login.php
index 5934d1423..c717faadd 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -28,7 +28,6 @@ if (empty($username) || empty($password)) {
}
// check if logging in with email address
-// @todo Are usernames with @ not allowed?
if (strpos($username, '@') !== FALSE && ($users = get_user_by_email($username))) {
$username = $users[0]->username;
}
diff --git a/actions/user/requestnewpassword.php b/actions/user/requestnewpassword.php
index 5dfa24952..f1d4fa43c 100644
--- a/actions/user/requestnewpassword.php
+++ b/actions/user/requestnewpassword.php
@@ -8,6 +8,11 @@
$username = get_input('username');
+// allow email addresses
+if (strpos($username, '@') !== false && ($users = get_user_by_email($username))) {
+ $username = $users[0]->username;
+}
+
$user = get_user_by_username($username);
if ($user) {
if (send_new_password_request($user->guid)) {
diff --git a/languages/en.php b/languages/en.php
index af97e112d..1576ed73d 100644
--- a/languages/en.php
+++ b/languages/en.php
@@ -20,7 +20,7 @@ $english = array(
'login' => "Log in",
'loginok' => "You have been logged in.",
'loginerror' => "We couldn't log you in. Please check your credentials and try again.",
- 'login:empty' => "Username and password are required.",
+ 'login:empty' => "Username/email and password are required.",
'login:baduser' => "Unable to load your user account.",
'auth:nopams' => "Internal error. No user authentication method installed.",
@@ -222,8 +222,8 @@ $english = array(
'RegistrationException:EmptyPassword' => 'The password fields cannot be empty',
'RegistrationException:PasswordMismatch' => 'Passwords must match',
'LoginException:BannedUser' => 'You have been banned from this site and cannot log in',
- 'LoginException:UsernameFailure' => 'We could not log you in. Please check your username and password.',
- 'LoginException:PasswordFailure' => 'We could not log you in. Please check your username and password.',
+ 'LoginException:UsernameFailure' => 'We could not log you in. Please check your username/email and password.',
+ 'LoginException:PasswordFailure' => 'We could not log you in. Please check your username/email and password.',
'LoginException:AccountLocked' => 'Your account has been locked for too many log in failures.',
'LoginException:ChangePasswordFailure' => 'Failed current password check.',
@@ -531,7 +531,7 @@ $english = array(
'user:password:resetreq:success' => 'Successfully requested a new password, email sent',
'user:password:resetreq:fail' => 'Could not request a new password.',
- 'user:password:text' => 'To request a new password, enter your username below and click the Request button.',
+ 'user:password:text' => 'To request a new password, enter your username or email address below and click the Request button.',
'user:persistent' => 'Remember me',
@@ -1064,7 +1064,7 @@ Your password has been reset to: %s",
Somebody (from the IP address %s) has requested a new password for their account.
-If you requested this click on the link below, otherwise ignore this email.
+If you requested this, click on the link below. Otherwise ignore this email.
%s
",
diff --git a/views/default/forms/user/requestnewpassword.php b/views/default/forms/user/requestnewpassword.php
index 8a5a18734..c90971eaf 100644
--- a/views/default/forms/user/requestnewpassword.php
+++ b/views/default/forms/user/requestnewpassword.php
@@ -11,7 +11,7 @@
<?php echo elgg_echo('user:password:text'); ?>
</div>
<div>
- <label><?php echo elgg_echo('username'); ?></label><br />
+ <label><?php echo elgg_echo('loginusername'); ?></label><br />
<?php echo elgg_view('input/text', array(
'name' => 'username',
'class' => 'elgg-autofocus',