Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.The UserPasswordResetTest::testUserPasswordReset() is bogus, since the drupal_get_hash_salt() uses a different $databases array to create the salt.
On the first request the databases connection does not contain the simpletest prefix, on the call initiated from user.pages.inc (user_pass_reset function) it does contain the prefix, so the return value is different #sadpanda
Possible solution: use a test module and hook_boot to set $drupal_hash_salt.
| Comment | File | Size | Author |
|---|---|---|---|
| #4 | pass-reset-tests-2207497-4.patch | 2.15 KB | JvE |
Comments
Comment #1
attiks CreditAttribution: attiks commentedComment #2
attiks CreditAttribution: attiks commentedI fixed this for the ga_login module, since I needed to test if the password reset link is still usable (patch can be found at #2207161-13: Automated testing), but this is an ugly fix.
If you want to test this patch, make sure your settings.php contains
'prefix' => ''inside the$databasesin your settings.php file.The proper solution is to set
$drupal_hash_saltat install time and write it to settings.php.PS: This is not a problem in Drupal 8, since it already writes the hash during install.
Comment #3
attiks CreditAttribution: attiks commentedPS: For some reason update_fix_d7_requirements does write a salt to settings.php
Comment #4
JvE CreditAttribution: JvE commentedI'm not sure I understand the summary but it does not look critical to me.
I've attached a patch with some extra checks in testUserPasswordReset().
Does this fail on prefixed databases?