From 80eb1bc01acc46374689514f06a6af6c2e4f5d24 Mon Sep 17 00:00:00 2001 From: Touhidur Rahman Date: Sat, 18 Nov 2023 03:47:51 +0600 Subject: [PATCH] pkp/pkp-lib#9301 removed user email address confirmation from password reset message (#9519) --- locale/en/user.po | 3 -- pages/login/LoginHandler.php | 60 +++++++++++++++++------------------- 2 files changed, 28 insertions(+), 35 deletions(-) diff --git a/locale/en/user.po b/locale/en/user.po index 4eff34baaf1..3e86305a91d 100644 --- a/locale/en/user.po +++ b/locale/en/user.po @@ -504,9 +504,6 @@ msgstr "" "Your data is stored in accordance with our privacy statement." -msgid "user.login.lostPassword.invalidUser" -msgstr "No user exists with the specified email address." - msgid "user.login.lostPassword.confirmationSentFailedWithReason" msgstr "Unable to complete password reset request because {$reason}." diff --git a/pages/login/LoginHandler.php b/pages/login/LoginHandler.php index 4ea6edd7731..38faf80c5a3 100644 --- a/pages/login/LoginHandler.php +++ b/pages/login/LoginHandler.php @@ -223,45 +223,41 @@ public function requestResetPassword($args, $request) $email = $request->getUserVar('email'); $user = Repo::user()->getByEmail($email, true); /** @var User $user */ - if ($user === null) { - $templateMgr - ->assign('error', 'user.login.lostPassword.invalidUser') - ->display('frontend/pages/userLostPassword.tpl'); - - return; - } + if ($user !== null) { + + if ($user->getDisabled()) { + $templateMgr + ->assign([ + 'error' => 'user.login.lostPassword.confirmationSentFailedWithReason', + 'reason' => empty($reason = $user->getDisabledReason() ?? '') + ? __('user.login.accountDisabled') + : __('user.login.accountDisabledWithReason', ['reason' => htmlspecialchars($reason)]) + ]) + ->display('frontend/pages/userLostPassword.tpl'); + + return; + } - if ($user->getDisabled()) { - $templateMgr - ->assign([ - 'error' => 'user.login.lostPassword.confirmationSentFailedWithReason', - 'reason' => empty($reason = $user->getDisabledReason() ?? '') - ? __('user.login.accountDisabled') - : __('user.login.accountDisabledWithReason', ['reason' => htmlspecialchars($reason)]) - ]) - ->display('frontend/pages/userLostPassword.tpl'); + // Send email confirming password reset + $site = $request->getSite(); /** @var Site $site */ + $context = $request->getContext(); /** @var Context $context */ + $template = Repo::emailTemplate()->getByKey( + $context ? $context->getId() : PKPApplication::CONTEXT_SITE, + PasswordResetRequested::getEmailTemplateKey() + ); + $mailable = (new PasswordResetRequested($site)) + ->recipients($user) + ->from($site->getLocalizedContactEmail(), $site->getLocalizedContactName()) + ->body($template->getLocalizedData('body')) + ->subject($template->getLocalizedData('subject')); + Mail::send($mailable); - return; } - // Send email confirming password reset - $site = $request->getSite(); /** @var Site $site */ - $context = $request->getContext(); /** @var Context $context */ - $template = Repo::emailTemplate()->getByKey( - $context ? $context->getId() : PKPApplication::CONTEXT_SITE, - PasswordResetRequested::getEmailTemplateKey() - ); - $mailable = (new PasswordResetRequested($site)) - ->recipients($user) - ->from($site->getLocalizedContactEmail(), $site->getLocalizedContactName()) - ->body($template->getLocalizedData('body')) - ->subject($template->getLocalizedData('subject')); - Mail::send($mailable); - $templateMgr->assign([ 'pageTitle' => 'user.login.resetPassword', 'message' => 'user.login.lostPassword.confirmationSent', - 'backLink' => $request->url(null, $request->getRequestedPage(), null, null, ['username' => $user->getUsername()]), + 'backLink' => $request->url(null, $request->getRequestedPage(), null, null), 'backLinkLabel' => 'user.login', ])->display('frontend/pages/message.tpl'); }