-
-
Notifications
You must be signed in to change notification settings - Fork 3.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
User Registration Email - Sends Password when set to NO #10376
Comments
Setup a clean install via CloudAccess. Update install to 3.5.1 Create new user via backend and save. User email received: Hello TestUser, You have been added as a User to Your Joomla! Site hosted with CloudAccess.net by an Administrator. This email contains your username and password to log in to http://# (address removed) Username: TestUser Please do not respond to this message as it is automatically generated and is for information purposes only. This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10376. |
The parameters like "Send Password" set to "No" are NOT used when a user is created in back-end. |
For user accounts created via the frontend, when Allow User Registration = Yes and New User Account Registration = Self, then the user will get an email with no password and an activation link. This is correct The issue sending of passwords via email, only comes about when an account is created via an admin in the backend. If Send Password = No, then this should also apply for backend created user accounts? This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10376. |
Nope. How would the user created in back-end know the username and password which has been created by the admin? |
The problem is that PLG_USER_JOOMLA_NEW_USER_EMAIL_BODY is used to produce the email sent to the user when admin creates an account. Suggest edit to the plugin and language value. This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10376. |
Again NO. |
@brianteeman |
The email sent to the user, defined by PLG_USER_JOOMLA_NEW_USER_EMAIL_BODY, contains $s for the username and web address for the site. Hello %s,\n\nYou have been added as a User to ??.\n\nThis email contains your username and details on how to log in.\nTo reset your password, click here: %s\nEnter your email address.\n\nA verification code link will be emailed to you and once you have clicked the verification code link, you will be able to choose a new password for your account.\n\nPlease do not respond to this message as it is automatically generated and is for information purposes only.\n\n This bypasses sending passwords via email. This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10376. |
Users do not need to know their username when resetting passwords, only the email address which was used to create the account. It is just the issue of sending passwords in emails as plain text, which has been addressed for frontend but not for the backend and could be solved with that kind of solution.? This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10376. |
We already have the ability to force a password reset on first login
|
True, but just addressing that backend created users, sends an email with the password as plain text. This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10376. |
The reset password feature also send the password in plain text. ;) You can get that on your custom site with an language override. |
OK, no problem. Just wondered why if we have ability to disable sending passwords for accounts setup on front end, it isn't adopted for users created by admins, especially if we can force them to reset the password. This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/10376. |
…nistrator. When creating user accounts as administrator and sending an email, it is now optional to include the password in the mail. This is configurable on the plugin. Sending the email was already optional. When sending emails, including the password in the email is now optional. This closes issue joomla#10376
See #10462 |
Closed as we have a PR for testing |
…nistrator. When creating user accounts as administrator and sending an email, it is now optional to include the password in the mail. This is configurable on the plugin. Sending the email was already optional. When sending emails, including the password in the email is now optional. This closes issue joomla#10376
…nistrator. When creating user accounts as administrator and sending an email, it is now optional to include the password in the mail. This is configurable on the plugin. Sending the email was already optional. When sending emails, including the password in the email is now optional. This closes issue joomla#10376
…nistrator. When creating user accounts as administrator and sending an email, it is now optional to include the password in the mail. This is configurable on the plugin. Sending the email was already optional. When sending emails, including the password in the email is now optional. This closes issue joomla#10376
…nistrator. When creating user accounts as administrator and sending an email, it is now optional to include the password in the mail. This is configurable on the plugin. Sending the email was already optional. When sending emails, including the password in the email is now optional. This closes issue joomla#10376
I am using Joomla 3.6.2 and the password setting, to decide whether password should be sent to the user created by admin or not doesnt seem to be working. Please tell me the conclusion on this. Have checked the other issues marked in this but didnt find anything that helps me. |
In j362 there is no such thing as a setting to decide whether password should be sent to the user created by admin. Tried to introduce that twice, but gave up. You can use https://github.com/joomla/joomla-cms/pull/10990/files to implement it yourself. |
Steps to reproduce the issue
Joomla Users Parameters
Allow Registration = No
New User Registration Group = Registered
Send Password = No
New User Account Activation = Self
Expected result
Admin creates User Account via backend.
Email sent to User with Activation Link and NO password
Actual result
Email sent to User with NO Activation link and a password
System information (as much as possible)
Joomla 3.5.1
Additional comments
More tests to follow
The text was updated successfully, but these errors were encountered: