From 29697aabd71fb14ad112ceb2cba51f14296b5d8f Mon Sep 17 00:00:00 2001 From: Stephen Soltesz Date: Fri, 6 May 2011 00:48:31 -0400 Subject: [PATCH 1/1] Make password-reset process less confusing for users: Remove 5-second redirects. Add clear status messages that explain what was done and what needs to be done next. Prevent page display if the user is logged in to prevent API error when user logs in with new password. --- planetlab/persons/reset_password.php | 69 +++++++++++++++------------- 1 file changed, 38 insertions(+), 31 deletions(-) diff --git a/planetlab/persons/reset_password.php b/planetlab/persons/reset_password.php index 1a0b5b2..e0a2bca 100644 --- a/planetlab/persons/reset_password.php +++ b/planetlab/persons/reset_password.php @@ -14,40 +14,45 @@ global $plc, $api, $adm; // Print header require_once 'plc_drupal.php'; -drupal_set_title('Reset Password'); include 'plc_header.php'; -if (!empty($_REQUEST['id']) && !empty($_REQUEST['key'])) { - $person_id = intval($_REQUEST['id']); - if ($adm->ResetPassword($person_id, $_REQUEST['key']) != 1) { - print '
' . $adm->error() . '.
'; - } else { - drupal_set_html_head("'; - print "An e-mail has been sent to you with your new temporary password. "; - print "Please change this password as soon as possible. "; - print "You will be re-directed to the login page in 5 seconds."; - print ''; - } -} elseif (!empty($_REQUEST['email'])) { - if ($adm->ResetPassword($_REQUEST['email']) != 1) { - print '
' . $adm->error() . '.
'; - } else { - drupal_set_html_head("'; - print "An e-mail has been sent to " . $_REQUEST['email'] . " with further instructions. "; - print "You will be re-directed to the login page in 5 seconds."; - print ''; - } -} +// Only display dialogs if the user is not logged in. +if ( !$plc->person) { -$self = $_SERVER['PHP_SELF']; -if (!empty($_SERVER['QUERY_STRING'])) { - $self .= "?" . $_SERVER['QUERY_STRING']; -} + if (!empty($_REQUEST['id']) && !empty($_REQUEST['key'])) { + $person_id = intval($_REQUEST['id']); + drupal_set_title('Password Reset: Confirmed'); + if ($adm->ResetPassword($person_id, $_REQUEST['key']) != 1) { + print '
' . $adm->error() . '.
'; + } else { + drupal_set_html_head("'; + print "Success! We've sent you another e-mail with your new temporary password.
"; + print "You can login using this temporaray password.
"; + print "Please change it once you login by visiting 'My Account' and updating your password. "; + print ''; + } + } elseif (!empty($_REQUEST['email'])) { + drupal_set_title('Password Reset: Request Sent'); + if ($adm->ResetPassword($_REQUEST['email']) != 1) { + print '
' . $adm->error() . '.
'; + } else { + print '
'; + print "We've sent an e-mail to " . $_REQUEST['email'] . " that will allow you to confirm the password reset.
"; + print "Please check your email now and follow the link contained there to reset your password. "; + print '
'; + } + } else { + + drupal_set_title('Password Reset'); + $self = $_SERVER['PHP_SELF']; + if (!empty($_SERVER['QUERY_STRING'])) { + $self .= "?" . $_SERVER['QUERY_STRING']; + } -// XXX Use our own stylesheet instead of drupal.css -print <<
@@ -65,9 +70,11 @@ print << - EOF; + } +} + include 'plc_footer.php'; ?> -- 2.43.0