«
»

bbPress registration functions patch

July 10th, 2007 by George Notaras

The default messages that are emailed by bbPress to newly registered users or users that have requested password recovery are quite disappointing compared to such messages that are sent by other more mature forum applications. So, here is a patch that modifies the default messages, so that they look more professional, containing some details about the request, such as the IP address, hostname and date/time. The patch also deals with the stupid behaviour of generating 6-character long passwords by default.

The number of password characters is raised to 8, but you can edit the patch by hand to set this number to the desired password length.

Copy the file to your bbPress root directory, decompress it and apply it:

$ gunzip registration-functions.php.patch.gz
$ patch -p0 -b < registration-functions.php.patch

Here follows the full patch:

--- bb-includes/registration-functions.php	2007-07-10 13:29:56.000000000 +0300
+++ bb-includes/registration-functions.php.new	2007-07-10 13:29:50.000000000 +0300
@@ -41,11 +41,10 @@
 	$resetkey = bb_random_pass( 15 );
 	bb_update_usermeta( $user->ID, 'newpwdkey', $resetkey );
 	if ( $user ) :
-		mail( bb_get_user_email( $user->ID ), bb_get_option('name') . ': ' . __('Password Reset'), sprintf( __("If you wanted to reset your password, you may do so by visiting the following address:
 
-%s
-
-If you don't want to reset your password, just ignore this email. Thanks!"), bb_get_option('uri')."bb-reset-password.php?key=".$resetkey ), 'From: ' . bb_get_option('admin_email') );
+		$message  = sprintf(__("%s,\n\nA request to reset the password for your account has been made at %s\n\nIf you wanted to reset your password, you may do so by visiting the following address:\n\n%s\n\nIf you don't want to reset your password, just ignore this email. Thanks!\n"), "$user->user_login", bb_get_option('uri'), bb_get_option('uri')."bb-reset-password.php?key=".$resetkey );
+		$message .= sprintf("\n______\n%s\n%s [%s] %s %s\n", __("Password reset request details:"), $_SERVER['REMOTE_ADDR'], gethostbyaddr($_SERVER['REMOTE_ADDR']), __("at"), date("Y-m-d\TH:i:sO"));
+		mail( bb_get_user_email( $user->ID ), bb_get_option('name') . ': ' . __('Password Reset'), $message, 'From: ' . bb_get_option('admin_email') );
 
 	endif;
 }
@@ -62,7 +61,7 @@
 			bb_block_current_user();
 		if ( !$user->has_cap( 'change_user_password', $user->ID ) )
 			bb_die( __('You are not allowed to change your password.') );
-		$newpass = bb_random_pass( 6 );
+		$newpass = bb_random_pass( 8 );
 		bb_update_user_password( $user->ID, $newpass );
 		bb_send_pass           ( $user->ID, $newpass );
 		bb_update_usermeta( $user->ID, 'newpwdkey', '' );
@@ -85,7 +84,7 @@
 	return $user_id;
 }
 
-function bb_random_pass( $length = 6) {
+function bb_random_pass( $length = 8) {
 	$number = mt_rand(1, 15);
 	$string = md5( uniqid( microtime() ) );
  	$password = substr( $string, $number, $length );
@@ -98,7 +97,8 @@
 	$user = $bbdb->get_row("SELECT * FROM $bbdb->users WHERE ID = $user");
 
 	if ( $user ) :
-		$message = __("Your username is: %1\$s \nYour password is: %2\$s \nYou can now log in: %3\$s \n\nEnjoy!");
+		$message = __("%1\$s,\n\nThank you for registering at %3\$s.\n\nYou may now log in at %3\$sbb-login.php using the following username and password:\n\nusername: %1\$s \npassword: %2\$s \n\nAfter logging in, you may want to visit %3\$sprofile-edit.php so you can change your password.\n");
+		$message .= sprintf("\n______\n%s\n%s [%s] %s %s\n", __("Registration request details:"), $_SERVER['REMOTE_ADDR'], gethostbyaddr($_SERVER['REMOTE_ADDR']), __("at"), date("Y-m-d\TH:i:sO"));
 		mail( bb_get_user_email( $user->ID ), bb_get_option('name') . ': ' . __('Password'), 
 			sprintf( $message, "$user->user_login", "$pass", bb_get_option('uri') ), 
 			'From: ' . bb_get_option('admin_email')

I hope WordPress does not mess up the backslashes.

The bbPress registration functions patch by George Notaras, unless otherwise expressly stated, is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License.

Related Articles

Tags: , , ,

4 Responses to “bbPress registration functions patch”

  1. The How-To Geek Says :
    July 10th, 2007 at 3:08 pm

    What great timing… I’ve been working on building a forum based on bbPress, and that was irritating me as well.

    Looks like you saved me a bit of work!

  2. George Notaras Says :
    July 10th, 2007 at 4:45 pm

    I’m glad it will be of some use… :-)

    Apart from making the messages more mature, I think the most important thing is the inclusion of the IP address and the ISO8601 time. During the last months, I’ve been testing bbPress and it turns out there are some brainless people out there who abuse such services by registering either with an invalid email address or with an address that does not belong to them. I think the details of the HTTP request are the most important part of a registration email.

    Thanks for your feedback.

  3. mdawaffe Says :
    July 14th, 2007 at 12:59 am

    Please feel free to write tickets and submit patches to http://trac.bbpress.org/ (sign in with your bbPress forums username/password). That way, your work can go into making everyone’s bbPress better.

  4. George Notaras Says :
    July 16th, 2007 at 4:46 am

    You are right, I just didn’t have enough time to do so. I’ll submit any patches or code in the form of plugins. Thanks.

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre>