The default messages that are emailed by bbPress to newly registered users or users that have requested password recovery are quite disappointing compared to such messages that are sent by other more mature forum applications. So, here is a patch that modifies the default messages, so that they look more professional, containing some details about the request, such as the IP address, hostname and date/time. The patch also deals with the stupid behaviour of generating 6-character long passwords by default.
The number of password characters is raised to 8, but you can edit the patch by hand to set this number to the desired password length.
Copy the file to your bbPress root directory, decompress it and apply it:
$ gunzip registration-functions.php.patch.gz $ patch -p0 -b < registration-functions.php.patch
Here follows the full patch:
--- bb-includes/registration-functions.php 2007-07-10 13:29:56.000000000 +0300 +++ bb-includes/registration-functions.php.new 2007-07-10 13:29:50.000000000 +0300 @@ -41,11 +41,10 @@ $resetkey = bb_random_pass( 15 ); bb_update_usermeta( $user->ID, 'newpwdkey', $resetkey ); if ( $user ) : - mail( bb_get_user_email( $user->ID ), bb_get_option('name') . ': ' . __('Password Reset'), sprintf( __("If you wanted to reset your password, you may do so by visiting the following address: -%s - -If you don't want to reset your password, just ignore this email. Thanks!"), bb_get_option('uri')."bb-reset-password.php?key=".$resetkey ), 'From: ' . bb_get_option('admin_email') ); + $message = sprintf(__("%s,\n\nA request to reset the password for your account has been made at %s\n\nIf you wanted to reset your password, you may do so by visiting the following address:\n\n%s\n\nIf you don't want to reset your password, just ignore this email. Thanks!\n"), "$user->user_login", bb_get_option('uri'), bb_get_option('uri')."bb-reset-password.php?key=".$resetkey ); + $message .= sprintf("\n______\n%s\n%s [%s] %s %s\n", __("Password reset request details:"), $_SERVER['REMOTE_ADDR'], gethostbyaddr($_SERVER['REMOTE_ADDR']), __("at"), date("Y-m-d\TH:i:sO")); + mail( bb_get_user_email( $user->ID ), bb_get_option('name') . ': ' . __('Password Reset'), $message, 'From: ' . bb_get_option('admin_email') ); endif; } @@ -62,7 +61,7 @@ bb_block_current_user(); if ( !$user->has_cap( 'change_user_password', $user->ID ) ) bb_die( __('You are not allowed to change your password.') ); - $newpass = bb_random_pass( 6 ); + $newpass = bb_random_pass( 8 ); bb_update_user_password( $user->ID, $newpass ); bb_send_pass ( $user->ID, $newpass ); bb_update_usermeta( $user->ID, 'newpwdkey', '' ); @@ -85,7 +84,7 @@ return $user_id; } -function bb_random_pass( $length = 6) { +function bb_random_pass( $length = 8) { $number = mt_rand(1, 15); $string = md5( uniqid( microtime() ) ); $password = substr( $string, $number, $length ); @@ -98,7 +97,8 @@ $user = $bbdb->get_row("SELECT * FROM $bbdb->users WHERE ID = $user"); if ( $user ) : - $message = __("Your username is: %1\$s \nYour password is: %2\$s \nYou can now log in: %3\$s \n\nEnjoy!"); + $message = __("%1\$s,\n\nThank you for registering at %3\$s.\n\nYou may now log in at %3\$sbb-login.php using the following username and password:\n\nusername: %1\$s \npassword: %2\$s \n\nAfter logging in, you may want to visit %3\$sprofile-edit.php so you can change your password.\n"); + $message .= sprintf("\n______\n%s\n%s [%s] %s %s\n", __("Registration request details:"), $_SERVER['REMOTE_ADDR'], gethostbyaddr($_SERVER['REMOTE_ADDR']), __("at"), date("Y-m-d\TH:i:sO")); mail( bb_get_user_email( $user->ID ), bb_get_option('name') . ': ' . __('Password'), sprintf( $message, "$user->user_login", "$pass", bb_get_option('uri') ), 'From: ' . bb_get_option('admin_email')
I hope WordPress does not mess up the backslashes.
bbPress registration functions patch by George Notaras is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Copyright © 2007 - Some Rights Reserved
What great timing… I’ve been working on building a forum based on bbPress, and that was irritating me as well.
Looks like you saved me a bit of work!
I’m glad it will be of some use… :-)
Apart from making the messages more mature, I think the most important thing is the inclusion of the IP address and the ISO8601 time. During the last months, I’ve been testing bbPress and it turns out there are some brainless people out there who abuse such services by registering either with an invalid email address or with an address that does not belong to them. I think the details of the HTTP request are the most important part of a registration email.
Thanks for your feedback.
Please feel free to write tickets and submit patches to http://trac.bbpress.org/ (sign in with your bbPress forums username/password). That way, your work can go into making everyone’s bbPress better.
You are right, I just didn’t have enough time to do so. I’ll submit any patches or code in the form of plugins. Thanks.