Display password in e-mail for ActivationEmail

I have ActivationEmail installed and it works great. But within the ActivationEmailTpl located in the chunks; I am trying to pass the username and password into each e-mail. Because we are manually approving and it could take some time, we think some might forget their usernames.

Anyway I have this in the ActivationEmailTpl chunk:


When the e-mail goes out it looks like this:


So the password variable is not being sent properly. I also tried this: [[+pwd]] which I found under system settings, web signup e-mail but that did not work. I could not find this searching in the documentation. What is the variable that will pass their password into this email?

I was able to bypass this and pass this information in the confirm URL e-mail. I suspect since the login forgot password system requires a password change (instead of e-mail current password) that the password is encrypted will not pass. Just speculation, but I was able to bypass none-the-less.

Quote from: wbbuilder at May 10, 2013, 07:25 PM

I was able to bypass this and pass this information in the confirm URL e-mail. I suspect since the login forgot password system requires a password change (instead of e-mail current password) that the password is encrypted will not pass. Just speculation, but I was able to bypass none-the-less.

Could you expand on how you achieved this, as I'm looking for the same solution when send an activation email.

I'm having the same issue.

I added: to line 119 and

at line 126 of ActivationEmail which passes the password, but it come out encrypted.

I am sorry I did not convey that statement properly. I was not able to pass the information in the confirmation URL at all, but I was able to bypass this step. Here is what I used in my confirmation email:

The ActivationEmailTpl chunk has this code:


So as you can see I did not pass the username or password information onto the user. I did however add the forget password ID so that if they did forget their password this might help them. After much debate I figured if they foget their username they can contact, but if they forget their password, I have that convered in both e-mails and on the pages to help them recover.

If you still want the username and password to pass, you could try to follow this step, but I am unsure if I ever got it to work. Since there were so many steps and it has been some time, my recollection is minimal. Then again I am a novice:

In System Settings> Name: Sign-up e-mail and key: signupemail_masage I have this coding:

<p>Hello [[+uid]],</p>

<p>Here are your login details for our forum:</p>
<p>
<strong>Username:</strong> [[+uid]]

<strong>Password:</strong> [[+pwd]]

</p>

<p>You can login here: http://www.YOURURL.com/YOURLOGINPAGE.html</p>

<p>Thanks,

Forum</p>

Once again I am not sure if I am actively using this and I don't think I am. But this is the e-mail that is supposed to be sent after registration. I thought I would post this for others to try if there is no other solution.

Tried that - it didn't work. But thanks for posting.

Looking at the code in update.class.php where signupemail_masage is used, the email appears from the user input before it's written to the database.

Using the code modification I posted above, it does retrieve the correct user's password from the sql database, unfortunately it's encrypted. Reading up a bit on password hashing and salting, I think it's purposefully impossible to retrieve the unencrypted password, only to validate a match.

Quote from: absent42 at Aug 07, 2013, 04:40 PM

Using the code modification I posted above, it does retrieve the correct user's password from the sql database, unfortunately it's encrypted. Reading up a bit on password hashing and salting, I think it's purposefully impossible to retrieve the unencrypted password, only to validate a match.

I think you're probably right. Possibly a different work round, perhaps a user received ActivationEmail to say they have been authorised but now has to register a password and then go through the Forgotten Password scenario with different templating saying Set Your Password?

This may be a better solution.

Ok I've worked round this by making use of the ForgotPassword snippet and getting users to set their own password after being activated.

I changed the chunks to reflect "Set Your Password" and this triggers all that needs to be done for users to access their accounts. They can then change to something more memorable via their account.

So in my ActivationEmailTpl I've added the link to the resource that contains the ForgotPassword snippet.