WordPress.org

Make WordPress Core

Opened 5 years ago

Closed 5 years ago

Last modified 5 years ago

#9669 closed enhancement (fixed)

(admin-generated) new users: notification-mail @ registration missing

Reported by: F J Kaiser Owned by:
Milestone: 2.8 Priority: normal
Severity: normal Version: 2.7.1
Component: Users Keywords: has-patch tested commit
Focuses: Cc:

Description

ex 1) user registers himself @ wp-login.php > admin & user receive e-mail-notification
ex 2) admin generates user @ wp-admin/users.php > no e-mail-notification

Problem: Users won´t receive Username & Password if the admin generates their account in admin-user-panel.

  • - - - - - - - - - - - - - - - - -

the problem can be found in wp-admin/inludes/user.php with line 167 (at which ingo from wordpress-germany forums pointed me). there the password for this user isn´t given to the function wp_new_user_notification.

  • - - - - - - - - - - - - - - - - -

The function wp_new_user_notification() is defined in /wp-includes/pluggable.php and fires an e-mail to the newly registered user (@wp-login.php: function register_new_user; @/wp-admin/includes/user.php: function edit_user).

  • - - - - - - - - - - - - - - - - -

hope this behavior changes before wp 2.8. - thanks anyway for wordpress - i love it :)

Attachments (3)

9669.diff (457 bytes) - added by Denis-de-Bernardy 5 years ago.
9669.2.diff (1.4 KB) - added by Denis-de-Bernardy 5 years ago.
9669.3.diff (1.5 KB) - added by Denis-de-Bernardy 5 years ago.

Download all attachments as: .zip

Change History (47)

comment:1 follow-up: Denis-de-Bernardy5 years ago

  • Keywords needs-patch 2nd-opinion added; wp_new_user_notification mail user edit_user register_new_user removed
  • Milestone changed from Unassigned to 2.9

I vaguely recall another ticket on this that got wontfix'ed or something like that. The rational was that the email is sent to whoever is doing the registration, rather than to the actual user.

But it would make sense indeed to send an email to the newly registered user instead.

comment:2 in reply to: ↑ 1 F J Kaiser5 years ago

Replying to Denis-de-Bernardy:

I vaguely recall another ticket on this that got wontfix'ed or something like that.

-- Sorry, but i simply don´t understand that sentence.

But it would make sense indeed to send an email to the newly registered user instead.

-- If you try to register for e.g. 80 users a time and have to notify every single user with a custom mail about her/his username & password, then user generating becomes a real pain.

Wordpress is (while beeing a articel&user-focused platform) pretty weak with handling users and (additional) userdata. I think this would be a significant step into the right direction for everybody who uses a closed system. At the moment you have to open the possibility to register to everybody and switch between registration-screen (wp-login.php) and user-data (wp-admin/users.php) to attach the needed data to your users. After finishing new-user-registration you have to turn the everybody can register-option off again. Until you register new users who may need their username & password. This is a real pain with user-handling.

I´d love to see this changed in wp 2.8.

comment:3 follow-up: Denis-de-Bernardy5 years ago

It won't make it into WP 2.8 unless there's a patch. That being said, note that you can always have a plugin send the email to the user. wp_new_user_notification() is a pluggable function.

comment:4 in reply to: ↑ 3 F J Kaiser5 years ago

Replying to Denis-de-Bernardy:

It won't make it into WP 2.8 unless there's a patch.

  • ok.

    That being said, note that you can always have a plugin send the email to the user. wp_new_user_notification() is a pluggable function.

  • thanks. i´ll give my best.

comment:5 Denis-de-Bernardy5 years ago

if you write the plugin, be sure to suggest the patch as well. it'll probably make it in the core imo, because it just makes sense.

comment:6 follow-up: hakre5 years ago

No patch, so its hard to discuss. I think there should be an option sothat the admin can decide wether or not the new user should be emailed or not.

Denis-de-Bernardy5 years ago

comment:7 follow-up: Denis-de-Bernardy5 years ago

  • Keywords has-patch needs-testing added; needs-patch 2nd-opinion removed
  • Milestone changed from 2.9 to 2.8

this might do the trick. the goal being, to make WP send his password to the user when he gets registered by an admin.

comment:8 Denis-de-Bernardy5 years ago

I agree it's the desirable way to do things, btw.

comment:9 in reply to: ↑ 7 F J Kaiser5 years ago

Replying to Denis-de-Bernardy:

this might do the trick. the goal being, to make WP send his password to the user when he gets registered by an admin.

-- i think so. thanks for that, Denis!

comment:10 in reply to: ↑ 6 F J Kaiser5 years ago

Replying to hakre:

I think there should be an option sothat the admin can decide wether or not the new user should be emailed or not.

-- i agree. that´s what i´ve discussed with various people. maybe someone should open a ticket/feature-request for 2.9.

comment:11 Denis-de-Bernardy5 years ago

current patch potentially sends the email twice when a user registers, so testing needed. (in fact, I'm pretty certain that it does.)

comment:12 Denis-de-Bernardy5 years ago

Nevermind that last remark, it doesn't.

I'm not a big fan of options, myself. There is another ticket (#8296) which could be merged into this one, or treated separately.

It could go:

  • add a checkbox (checked by default), "generate password automatically and send it to the user"
  • and when left unchecked, the two password fields would show and no email would be sent

comment:13 follow-up: hakre5 years ago

or for less clicks and the no-need of js: display the two password fields and place the checkbox unchecked below offering to auto-generate and sending an email.

what is done if the email is not working for the auto-generated stuff?

comment:14 in reply to: ↑ 13 ; follow-up: Denis-de-Bernardy5 years ago

Replying to hakre:

what is done if the email is not working for the auto-generated stuff?

you curse the server? :D

comment:15 in reply to: ↑ 14 ; follow-up: hakre5 years ago

Replying to Denis-de-Bernardy:

Replying to hakre:

what is done if the email is not working for the auto-generated stuff?

you curse the server? :D

I meant if the newly registered User was entered with an invalid Email. Okay in that case the bounce should fall back to the admin email addy. The admin can send read the new password out of the bounce message.


I've got an even better idea.

  • provide a new function that just email a user the registration email (i guess that already exists)
  • add an option for the admin to send this email manually (for a user of choice), for example a button on the users page.
  • integrate that functionality into other places, for example with a checkbox or so for 2.9

my 2 cents.

comment:16 in reply to: ↑ 15 ; follow-up: F J Kaiser5 years ago

Replying to Denis-de-Bernardy:

  • provide a new function that just email a user the registration email (i guess that already exists)
  • add an option for the admin to send this email manually (for a user of choice), for example a button on the users page.
  • integrate that functionality into other places, for example with a checkbox or so for 2.9

-- i think that´s the best idea.

-- i modified my user.php on line 167 (in your patch it´s 186?) and tested with $pass1 on a test-account; same behavior as before > no e-mail get´s send to the newly registered user; for user registering themself on front-end behavior stays the same > pass&username get´s send via e-mail.

comment:17 in reply to: ↑ 16 F J Kaiser5 years ago

Replying to F J Kaiser:

-- i modified my user.php on line 167 (in your patch it´s 186?) and tested with $pass1 on a test-account; same behavior as before > no e-mail get´s send to the newly registered user; for user registering themself on front-end behavior stays the same > pass&username get´s send via e-mail.

-- lol. Forgot to upload. i took $user_pass instead of $pass1 - $pass2 would be fine too. i only receive one mail at a time. i think i´ll patch some of my own installations to make that more comfortable.

-- i don´t know if i´m allowed to do that, but if i´m seeing that working in some other installations and due to the fact, that it´s a 30 second-patch, i´d suggest to implement that feature with the next update 2.7.2.

comment:18 hakre5 years ago

2.7.2 has been postponed. So that should be for 2.8 then.

comment:19 Denis-de-Bernardy5 years ago

  • Keywords tested added; needs-testing removed

marking as tested then

comment:21 F J Kaiser5 years ago

tested on 2 other domains, but same server (php5, linux): working with $user_pass, $pass1, $pass2 > receiving only one mail as admin and only one mail as new user (pass & username).

would suggest, that someone other test this too before marking as tested.

comment:22 Denis-de-Bernardy5 years ago

  • Keywords commit added

comment:23 filosofo5 years ago

  • Keywords dev-feedback added; commit removed

Look at how people have reacted to those Facebook and Twitter 3rd-party applications, for example, that email people's friends without their specifically choosing to: they feel violated and their friends, spammed.

Without an opt-in checkbox, this would be the same kind of thing.

Maybe as an admin I don't want a user to be able to access a development site right away or even to be aware that he can. Maybe I'm doing some initial tests logged in as a user, so I've set up the account with a pet password, which I've just unknowingly emailed to someone else. Not good.

comment:24 Otto425 years ago

Gotta agree, I don't think it should send that email by default. Perhaps a checkbox on the screen where you are entering the new users information that says "send username/password to this email address", with the checkbox defaulted to off. Yes, checking a box for every user entered is annoying, but less so than manually forwarding the emails and such.

comment:25 F J Kaiser5 years ago

ok. things got tested by some people over at wordpress germany forums. everything works perfect.

@filosofo & @Otto42: I agree in some parts. A check box would defineatly be the best sollution for wp3. But in most cases you´ll simply need this behavior. And overriding this is easy: just enter your own or an @example.com-mail adress. but not having this possibility is much harder than this simple work around. so i´d suggest (like nearly everybody i discussed this issue) to add it and make a note about this on user-creation.

btw: when someone registers themself, or the admin/auth. user registers a new user via wp-login.php, then the e-mail get´s send in every case. there´s no check box, so i think the behavior should simply be the same.

i think every thing else (further discussion about check box issue or even better ideas) should be added/discussed at a new ticket with milestone to WP2.9 or WP3.0.

comment:26 F J Kaiser5 years ago

@filosofo: i wouldn´t compare a whole load of "social"-mails by various senseless applications with a mail that contains login-information. why should you register someone if he/she doesn´t need a login? or what would that user do with a registration that she/he couldn´t use because there were no login-data? i only had one case where i needed users that shouldn´t get their login-information: is was an event-managment-app where the normal wp-user was missused, because there was not enough time to write a more enhanced plugin to manage that users for creating attendee-lists. and there we just used @example.com as e-mail address. i can´t really see the no-go with this issue.

comment:27 Denis-de-Bernardy5 years ago

  • Keywords commit added

I might write an enhanced patch for the checkbox. let's see whether this catches the interest of a committer in the meanwhile.

comment:28 follow-up: filosofo5 years ago

Replying to F J Kaiser:

But in most cases you´ll simply need this behavior. And overriding this is easy: just enter your own or an @example.com-mail adress.

I don't understand why you think you "need" this behavior. What is it that you can't do with the existing behavior?

And spamming one of my own email accounts or that of a fake one is no solution.

  • It doesn't address the fundamental problem of sending unsolicited emails.
  • It creates more work for later, as you have to change the emails to real ones.
  • In the case of fake emails, it adds more to the universal spam problem.

btw: when someone registers themself, or the admin/auth. user registers a new user via wp-login.php, then the e-mail get´s send in every case. there´s no check box, so i think the behavior should simply be the same.

It's not the same behavior. When I initiate an action on a server, I reasonably expect a response to me. I do not expect it to respond to you.

Replying to F J Kaiser:

@filosofo: i wouldn´t compare a whole load of "social"-mails by various senseless applications with a mail that contains login-information.

The issue is expected behavior. I don't expect to send emails to others unknowingly. They do not expect to receive them. That's how the "netiquette" of email works.

comment:29 in reply to: ↑ 28 ; follow-up: Denis-de-Bernardy5 years ago

Replying to filosofo:

I don't understand why you think you "need" this behavior. What is it that you can't do with the existing behavior?

This: Add users to the admin interface in batches. You then need to manually send each and every new user an email with his details, and it's *very* time consuming.

comment:30 in reply to: ↑ 29 filosofo5 years ago

Replying to Denis-de-Bernardy:

This: Add users to the admin interface in batches. You then need to manually send each and every new user an email with his details, and it's *very* time consuming.

OK, then let's get that functionality with the checkbox. It solves your problem, and it avoids the other ones.

Denis-de-Bernardy5 years ago

comment:31 Denis-de-Bernardy5 years ago

new patch adds a checkbox that is turned on by default.

comment:32 Denis-de-Bernardy5 years ago

  • Type changed from feature request to enhancement

comment:33 filosofo5 years ago

Tested 9669.2.diff and it works perfectly. Let's get this in.

comment:34 F J Kaiser5 years ago

Tested and everything works just perfect. i´m with filosofo. let´s take this in.

only one enchancement: shouldn´t it be (translation & label-issue):

122: <th scope="row"><label for="send_password"><?php _e('Send Password?') ?></label></th>

AND

123: <td><input type="checkbox" name="send_password" id="send_password" <?php checked($new_user_send_password, true); ?> /> <?php _e('Send this password to the new user by email.'); ?></td>

Denis-de-Bernardy5 years ago

comment:35 Denis-de-Bernardy5 years ago

good catch. fixed in the 3rd diff.

comment:36 Denis-de-Bernardy5 years ago

  • Keywords dev-feedback removed

comment:37 F J Kaiser5 years ago

ok. thanks to anyone contributing discussion and code. i see this as a major enchancement.

comment:38 Denis-de-Bernardy5 years ago

don't cry victory before it gets committed. :-)

comment:39 ryan5 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [11319]) Add option to send password to users created from admin. Props Denis-de-Bernardy. fixes #9669

comment:40 F J Kaiser5 years ago

ehm, denis and ryan....

there´s still the <label for="send password"> twice... think it shouldn´t be there at row 123

...if this one´s fixed too, i´ll really cry victory (in uppercase letters ;)

comment:41 F J Kaiser5 years ago

  • Resolution fixed deleted
  • Status changed from closed to reopened

comment:42 Denis-de-Bernardy5 years ago

no no, that's fine. both are supposed to be there. that way, you can click on either to check the box.

comment:43 Denis-de-Bernardy5 years ago

  • Resolution set to fixed
  • Status changed from reopened to closed

comment:44 F J Kaiser5 years ago

v-i-c-t-o-r-y ;)

Note: See TracTickets for help on using tickets.