bbPress registration functions patch

4 Comments

The default messages that are emailed by bbPress to newly registered users or users that have requested password recovery are quite disappointing compared to such messages that are sent by other more mature forum applications. So, here is a patch that modifies the default messages, so that they look more professional, containing some details about the request, such as the IP address, hostname and date/time. The patch also deals with the stupid behaviour of generating 6-character long passwords by default.

The number of password characters is raised to 8, but you can edit the patch by hand to set this number to the desired password length.

Copy the file to your bbPress root directory, decompress it and apply it:

$ gunzip registration-functions.php.patch.gz
$ patch -p0 -b < registration-functions.php.patch

Here follows the full patch:

--- bb-includes/registration-functions.php	2007-07-10 13:29:56.000000000 +0300
+++ bb-includes/registration-functions.php.new	2007-07-10 13:29:50.000000000 +0300
@@ -41,11 +41,10 @@
 	$resetkey = bb_random_pass( 15 );
 	bb_update_usermeta( $user->ID, 'newpwdkey', $resetkey );
 	if ( $user ) :
-		mail( bb_get_user_email( $user->ID ), bb_get_option('name') . ': ' . __('Password Reset'), sprintf( __("If you wanted to reset your password, you may do so by visiting the following address:
 
-%s
-
-If you don't want to reset your password, just ignore this email. Thanks!"), bb_get_option('uri')."bb-reset-password.php?key=".$resetkey ), 'From: ' . bb_get_option('admin_email') );
+		$message  = sprintf(__("%s,\n\nA request to reset the password for your account has been made at %s\n\nIf you wanted to reset your password, you may do so by visiting the following address:\n\n%s\n\nIf you don't want to reset your password, just ignore this email. Thanks!\n"), "$user->user_login", bb_get_option('uri'), bb_get_option('uri')."bb-reset-password.php?key=".$resetkey );
+		$message .= sprintf("\n______\n%s\n%s [%s] %s %s\n", __("Password reset request details:"), $_SERVER['REMOTE_ADDR'], gethostbyaddr($_SERVER['REMOTE_ADDR']), __("at"), date("Y-m-d\TH:i:sO"));
+		mail( bb_get_user_email( $user->ID ), bb_get_option('name') . ': ' . __('Password Reset'), $message, 'From: ' . bb_get_option('admin_email') );
 
 	endif;
 }
@@ -62,7 +61,7 @@
 			bb_block_current_user();
 		if ( !$user->has_cap( 'change_user_password', $user->ID ) )
 			bb_die( __('You are not allowed to change your password.') );
-		$newpass = bb_random_pass( 6 );
+		$newpass = bb_random_pass( 8 );
 		bb_update_user_password( $user->ID, $newpass );
 		bb_send_pass           ( $user->ID, $newpass );
 		bb_update_usermeta( $user->ID, 'newpwdkey', '' );
@@ -85,7 +84,7 @@
 	return $user_id;
 }
 
-function bb_random_pass( $length = 6) {
+function bb_random_pass( $length = 8) {
 	$number = mt_rand(1, 15);
 	$string = md5( uniqid( microtime() ) );
  	$password = substr( $string, $number, $length );
@@ -98,7 +97,8 @@
 	$user = $bbdb->get_row("SELECT * FROM $bbdb->users WHERE ID = $user");
 
 	if ( $user ) :
-		$message = __("Your username is: %1\$s \nYour password is: %2\$s \nYou can now log in: %3\$s \n\nEnjoy!");
+		$message = __("%1\$s,\n\nThank you for registering at %3\$s.\n\nYou may now log in at %3\$sbb-login.php using the following username and password:\n\nusername: %1\$s \npassword: %2\$s \n\nAfter logging in, you may want to visit %3\$sprofile-edit.php so you can change your password.\n");
+		$message .= sprintf("\n______\n%s\n%s [%s] %s %s\n", __("Registration request details:"), $_SERVER['REMOTE_ADDR'], gethostbyaddr($_SERVER['REMOTE_ADDR']), __("at"), date("Y-m-d\TH:i:sO"));
 		mail( bb_get_user_email( $user->ID ), bb_get_option('name') . ': ' . __('Password'), 
 			sprintf( $message, "$user->user_login", "$pass", bb_get_option('uri') ), 
 			'From: ' . bb_get_option('admin_email')

I hope WordPress does not mess up the backslashes.

bbPress registration functions patch by George Notaras is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Copyright © 2007 - Some Rights Reserved

George Notaras avatar

About George Notaras

George Notaras is the editor of the G-Loaded Journal, a technical blog about Free and Open-Source Software. George, among other things, is an enthusiast self-taught GNU/Linux system administrator. He has created this web site to share the IT knowledge and experience he has gained over the years with other people. George primarily uses CentOS and Fedora. He has also developed some open-source software projects in his spare time.

Related Articles

4 responses on “bbPress registration functions patch

  1. The How-To Geek Permalink →

    What great timing… I’ve been working on building a forum based on bbPress, and that was irritating me as well.

    Looks like you saved me a bit of work!

  2. George Notaras Post authorPermalink →

    I’m glad it will be of some use… :-)

    Apart from making the messages more mature, I think the most important thing is the inclusion of the IP address and the ISO8601 time. During the last months, I’ve been testing bbPress and it turns out there are some brainless people out there who abuse such services by registering either with an invalid email address or with an address that does not belong to them. I think the details of the HTTP request are the most important part of a registration email.

    Thanks for your feedback.

  4. George Notaras Post authorPermalink →

    You are right, I just didn’t have enough time to do so. I’ll submit any patches or code in the form of plugins. Thanks.