[TYPO3-core] RFC: #10017: [felogin] New Method for "forgotPassword"
Jeff Segars
jsegars at alumni.rice.edu
Mon Aug 31 22:12:08 CEST 2009
Hey Steffen,
I spent some time reviewing and testing the patch today and have some
comments. Most of my comments from reading are really minor nitpicks but
I did encounter a few bugs reading and testing.
Code
====
changePassword()
* Update comments to reflect what the method actually does.
* $minLength is calculated twice...but is spelled right now ;)
* *nitpick* Assign $subpartArray and $linkpartArray individually
* *nitpick* Assign $done outside the else case
generateAndSendHash()
* *nitpick* Maybe $user would be more descriptive than $row?
* $validEndString does not take Typoscript settings for dateFormat into
account
* When calculating the link prefix, should the final fallback be using
TYPO3_SITE_URL rather than outputting an error message?
* Unsetting notification_email_urlmode doesn't work when page.config is
set rather than the top-level config object. Same holds true for
baseURL, etc.
Labels
======
"Please enter your username or the email address stored in your account,
press "Send password", and your password will immediately be emailed to
you."
* The password itself isn't actually emailed so we should probably
update this message.
"Dear username
to set a new password please visit this link:
<link>
The link is only valid until 2009-09-01 02:55. If you do not visit the
link before then, you will have to repeat the forgot password procedure."
* Maybe we should add a little description before the link that explains
someone is receiving this email because they filled out the forgot
password form. Using the real name rather than username when available
might be a nice touch too.
Testing
=======
I think there's some kind of caching issue going on. When I start with
an empty cache and directly load the page with the forgot password form,
everything works as expected. If I load a page with the login box and
click the link to open the forgot password form, the form loads but
trying to submit the reminder form just reloads the original login form.
When I turn off caching on the page, all works as expected.
Thanks for all the work on this feature! I'm of course happy to help
with any labels and the minor cleanups mentioned above.
Jeff
More information about the TYPO3-team-core
mailing list