3 files changed, 40 insertions, 10 deletions

diff --git a/actions/login.php b/actions/login.php
index b43a9e5e7..82b4d10b4 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -41,7 +41,27 @@
             else
             	forward("pg/dashboard/");

         } else {

-            register_error(elgg_echo('loginerror'));

+        	$error_msg = elgg_echo('loginerror');

+        	// figure out why the login failed

+        	if (!empty($username) && !empty($password)) {

+        		// See if it exists and is disabled

+				$access_status = access_get_show_hidden_status();

+				access_show_hidden_entities(true);

+        		if (($user = get_user_by_username($username)) && !$user->validated) {

+        			// give plugins a chance to respond

+        			if (!trigger_plugin_hook('unvalidated_login_attempt','user',array('entity'=>$user))) {

+        				// if plugins have not registered an action, the default action is to

+        				// trigger the validation event again and assume that the validation

+        				// event will display an appropriate message

+						trigger_elgg_event('validate', 'user', $user);

+        			}

+        		} else {

+        			 register_error(elgg_echo('loginerror'));

+        		}

+        		access_show_hidden_entities($access_status);

+        	} else {

+            	register_error(elgg_echo('loginerror'));

+        	}

         }

       

 ?>
\ No newline at end of file
diff --git a/actions/user/requestnewpassword.php b/actions/user/requestnewpassword.php
index de7147a7b..0e685adde 100644
--- a/actions/user/requestnewpassword.php
+++ b/actions/user/requestnewpassword.php
@@ -16,18 +16,28 @@
 	action_gatekeeper();
 	
 	$username = get_input('username');
-	
+	

+	$access_status = access_get_show_hidden_status();

+	access_show_hidden_entities(true);
 	$user = get_user_by_username($username);
 	if ($user)
-	{
-		if (send_new_password_request($user->guid))
-			system_message(elgg_echo('user:password:resetreq:success'));
-		else
-			register_error(elgg_echo('user:password:resetreq:fail')); 
+	{

+		if ($user->validated) {
+			if (send_new_password_request($user->guid))
+				system_message(elgg_echo('user:password:resetreq:success'));
+			else
+				register_error(elgg_echo('user:password:resetreq:fail'));

+		} else if (!trigger_plugin_hook('unvalidated_requestnewpassword','user',array('entity'=>$user))) {

+        	// if plugins have not registered an action, the default action is to

+        	// trigger the validation event again and assume that the validation

+        	// event will display an appropriate message

+			trigger_elgg_event('validate', 'user', $user);

+        }
 	}
 	else
-		register_error(sprintf(elgg_echo('user:username:notfound'), $username));
-	
+		register_error(sprintf(elgg_echo('user:username:notfound'), $username));

+		
+	access_show_hidden_entities($access_status);
 	forward($_SERVER['HTTP_REFERER']);
 	exit;
 ?>
\ No newline at end of file
diff --git a/mod/uservalidationbyemail/languages/en.php b/mod/uservalidationbyemail/languages/en.php
index 19f09aa50..f1741e463 100644
--- a/mod/uservalidationbyemail/languages/en.php
+++ b/mod/uservalidationbyemail/languages/en.php
@@ -27,7 +27,7 @@ Congratulations, you have successfully validated your email address.",
 		'email:confirm:success' => "You have confirmed your email address!",
 		'email:confirm:fail' => "Your email address could not be verified...",
 	
-		'uservalidationbyemail:registerok' => "To activate your account, please confirm your email address by clicking on the link we sent you."
+		'uservalidationbyemail:registerok' => "To activate your account, please confirm your email address by clicking on the link we just sent you."
 	
 	);