user_pass_reset_url token

Events happening in the community are now at Drupal community events on www.drupal.org.
shushu's picture
Posted by shushu on March 22, 2009 at 10:25am

I am trying to use the CCK+Rules+Token module to accomplish creation of a user when a content with its email address is being created.
This user should get an email notification with his password and/or a user_pass_reset_url link.

The token_user.inc does not provide password, nor the creation of the user using the rules action.
In addition, the !password of the user_mail_tokens does not apply here.

Any suggestion what should be the right way to solve this ?

Regards,
Shushu

Comments

hi

Posted by criz on March 23, 2009 at 5:27pm
criz's picture

I'am using the add user rules action to add a user when a node of a special contentype is created. In this rule I just added another action where I send an e-mail with the generated password (available as token and php variable, I use php variable).

See token replacement patterns and php evaluation in your rule....

cheers,
chris

Cannot add the generated password

Posted by shushu on March 23, 2009 at 7:56pm
shushu's picture

Hi,
It seems we do the same, but while you say it is "available as token and php variable", I don't see it.
What do I miss ? In the token replacement patterns I don't see it.
For PHP evaluation, should I use an additional module ?
What exactly you write and where ?

Please advise,
Shushu

no, this should work out of

Posted by criz on March 29, 2009 at 6:59pm
criz's picture

no, this should work out of the box. see for example image in http://drupal.org/node/409014#comment-1396258.

Did anyone ever solve this?

Posted by jastraat on August 19, 2009 at 5:34pm
jastraat's picture

Did anyone ever solve this? I'd like to mimic the registration or admin created user account notification email and include the username and password for a user created when a certain content type is created. Sadly, it looks like the new user password is not available as a token. Ideas?

that makes perfectly sense. i

Posted by hatsch on September 30, 2009 at 8:44am
hatsch's picture

that makes perfectly sense. i am searching for a very similar solution.

the scenario:

  • an anonymous user is creating content. after submission the content is set unpublished.

  • rules creates an user out of the name and email field of the content

  • the user is set to 'blocked' and an user activation/password reset link is sent to the given email adress

  • when the user activates his account, his content is published.

i tried to achieve this with the rules module, but it seems not to be possible. or did i muss something?

another way of doing this would be the use of drupal.org/project/inline_registration, but this is not as beautiful as the rules way would be. so any advise is very welcome

Sorry to bring up such an old

Posted by twistedindustries on October 30, 2010 at 3:01am
twistedindustries's picture

Sorry to bring up such an old discussion but I too am trying to send the user their password using rules and cant figure it out. Can someone please post a working example?

Any luck guys??

Posted by jozzhart on March 17, 2011 at 8:09pm
jozzhart's picture

I'm looking for something similar.

I'm programmatically creating a user and need to send an email off once created. Would love to use Rules for this, but can't get my hands on the created users' password token.

Cheers,
Jozz

Can't

Posted by nancydru on March 18, 2011 at 2:11am
nancydru's picture

Drupal MD5 encodes the password before storing it. As you know, MD5 is one way. Drupal simply does not know the password.

Nancy Dru

Yes, one-way for a reason.

Posted by fending on March 18, 2011 at 11:38am
fending's picture

The way to go for all of these cases is not to send a password, rather to generate an expiring link in a custom module (sort of copying Drupal in this sense). Because, well, Drupal won't let you get at the encrypted data as noted above. There are a number of deprecated modules (autologin, for example) that would enable part of the behavior you seek.

There is risk in generating "perpetual links" for this purpose, and I blogged about that decision tree a while ago. In general, it's still kind of a bad idea.

[And in D7, the default encoding is sha256 instead of md5! :)]

Yes, but.....

Posted by jozzhart on March 18, 2011 at 5:57pm
jozzhart's picture

I've ended up going with the standard Drupal "new user created by administrator" generated email that does send the plain password. Invoking it in hook_nodeapi (where the user is programmatically created) with

  $user->password = $password; // Add plain text password into user account to generate mail tokens.
  _user_mail_notify('register_no_approval_required', $user);

I prefer a more straight forward user journey, ie. log in here, with this username and this random generated password. Simple. The user can always refer to that email if they forget their password. The information used in my web app is far from critical/personal.

I use the content_profile module, and was hoping to have a more personalised email generated with given name, last name etc. The plain password is available at hook_user in the $edit parameter. So you could send an email at this stage with the plain password, but in my case, this is during the creation of the user, and I don't have access to the extended user profile. I guess I could pass it though session variables or something, but that is going too far.

Tokens

Group organizers

Group notifications

This group offers an RSS feed. Or subscribe to these personalized, sitewide feeds: