Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

Form Questions /

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

Security/ChangePassword confirmation message


Go to End


2317 Views

Avatar
JonoM

Community Member, 130 Posts

13 July 2010 at 11:38am

I'm struggling a bit with getting password changing to go smoothly.

It seems to me that I can let members change their password using Security/ChangePassword, but I can't seem to give them feedback to let them know it was changed successfully. There are two problems I think:

1) Described here: http://silverstripe.org/form-questions/show/277681 in that the form just redirects back to a login page and says 'You're logged in as (member name)' but doesn't let you know the password was changed successfully.

2) If you revisit Security/ChangePassword as some confused users I think probably would, they see a message 'Your password has been changed, and a copy emailed to you.' but no email has been sent, at least in my case.

Emails work fine for forgotten passwords for me but not for changing passwords. I don't mind if it doesn't send the user a new password but I don't want it to tell the user it has if it hasn't.

I found this in Member.php

		if(
			(Director::isLive() || Email::mailer() instanceof TestMailer) 
			&& $this->isChanged('Password')
			&& $this->record['Password'] 
			&& Member::$notify_password_change
		) {
			$this->sendInfo('changePassword');
		}

So I'm guessing that 'Member::$notify_password_change' needs to be set to true somehow to send email but I don't know how or where to do that - any suggestions?

Can anyone help me to understand how to inform the user that their password has been changed, and either activate email notification or change the session message to remove the part about being sent a message?

Thanks in advance!