From: Stephen Soltesz Date: Fri, 6 May 2011 04:48:31 +0000 (-0400) Subject: Make password-reset process less confusing for users: X-Git-Tag: plewww-4.3-64~6 X-Git-Url: http://git.onelab.eu/?p=plewww.git;a=commitdiff_plain;h=29697aabd71fb14ad112ceb2cba51f14296b5d8f Make password-reset process less confusing for users: Remove 5-second redirects. Add clear status messages that explain what was done and what needs to be done next. Prevent page display if the user is logged in to prevent API error when user logs in with new password. --- diff --git a/planetlab/persons/reset_password.php b/planetlab/persons/reset_password.php index 1a0b5b2..e0a2bca 100644 --- a/planetlab/persons/reset_password.php +++ b/planetlab/persons/reset_password.php @@ -14,40 +14,45 @@ global $plc, $api, $adm; // Print header require_once 'plc_drupal.php'; -drupal_set_title('Reset Password'); include 'plc_header.php'; -if (!empty($_REQUEST['id']) && !empty($_REQUEST['key'])) { - $person_id = intval($_REQUEST['id']); - if ($adm->ResetPassword($person_id, $_REQUEST['key']) != 1) { - print '
' . $adm->error() . '.
'; - } else { - drupal_set_html_head("'; - print "An e-mail has been sent to you with your new temporary password. "; - print "Please change this password as soon as possible. "; - print "You will be re-directed to the login page in 5 seconds."; - print ''; - } -} elseif (!empty($_REQUEST['email'])) { - if ($adm->ResetPassword($_REQUEST['email']) != 1) { - print '
' . $adm->error() . '.
'; - } else { - drupal_set_html_head("'; - print "An e-mail has been sent to " . $_REQUEST['email'] . " with further instructions. "; - print "You will be re-directed to the login page in 5 seconds."; - print ''; - } -} +// Only display dialogs if the user is not logged in. +if ( !$plc->person) { -$self = $_SERVER['PHP_SELF']; -if (!empty($_SERVER['QUERY_STRING'])) { - $self .= "?" . $_SERVER['QUERY_STRING']; -} + if (!empty($_REQUEST['id']) && !empty($_REQUEST['key'])) { + $person_id = intval($_REQUEST['id']); + drupal_set_title('Password Reset: Confirmed'); + if ($adm->ResetPassword($person_id, $_REQUEST['key']) != 1) { + print '
' . $adm->error() . '.
'; + } else { + drupal_set_html_head("'; + print "Success! We've sent you another e-mail with your new temporary password.
"; + print "You can login using this temporaray password.
"; + print "Please change it once you login by visiting 'My Account' and updating your password. "; + print ''; + } + } elseif (!empty($_REQUEST['email'])) { + drupal_set_title('Password Reset: Request Sent'); + if ($adm->ResetPassword($_REQUEST['email']) != 1) { + print '
' . $adm->error() . '.
'; + } else { + print '
'; + print "We've sent an e-mail to " . $_REQUEST['email'] . " that will allow you to confirm the password reset.
"; + print "Please check your email now and follow the link contained there to reset your password. "; + print '
'; + } + } else { + + drupal_set_title('Password Reset'); + $self = $_SERVER['PHP_SELF']; + if (!empty($_SERVER['QUERY_STRING'])) { + $self .= "?" . $_SERVER['QUERY_STRING']; + } -// XXX Use our own stylesheet instead of drupal.css -print <<
@@ -65,9 +70,11 @@ print << - EOF; + } +} + include 'plc_footer.php'; ?>