HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Please upgrade here. These earlier versions are no longer being updated and have security issues.

Membership Approved Email

edited August 2010 in Vanilla 2.0 - 2.8
Email "Membership Approved" doesn't contain a password.

Vanilla 2.0
Tagged:

Comments

  • LincLinc Detroit Admin
    It can't - the passwords are hashed and never sent via email. This is correct behavior.
  • >It can't - the passwords are hashed and never sent via email. This is correct behavior.

    How does user have to know the password? Change it after applying?
  • MikhaelMikhael New
    edited August 2010
    What bothers me is that as Admin I can't see their "Reason for wanting to join" when they registered for approval. Perhaps this will be fixed once Admins get an email notification? (Do say if I've missed something - I'm still playing around to see what details do get sent).

    Perhaps already filed in GitHub (see this post).

    Edit: I just switched Approval to Basic in a site's Dashboard -> Registration section, but got BONK. I changed the config.php line which points errors to error.master.php to deverror.master.php as suggested elsewhere, but still get BONK.

    As @[-Stash-] suggested elsewhere, wouldn't it be a good idea to display full error messages if the user is Admin..? Should be a simple if/then somewhere.
  • LincLinc Detroit Admin
    @Mikhael Are you sure you changed it in config.php (good) and not config-defaults.php (bad)?
  • Yep, definitely changed it in config.php @Lincoln.

    I definitely think the best way forward in error handling is to throw full errors (but in a nice way) if you're logged-in as Admin. I changed one system to do this recently, and it works very well, with no set-up requirements, thus following the Vanilla Prime Directive.
  • @Lincoln How user must to know the pass?
Sign In or Register to comment.