Use format_username() on user pages instead of the plain $user->name

Updated patch

@Rajender Rajan : Good to see you in the Issue queue :)

 watchdog('user', 'Sent account cancellation request to %name %email.', array('%name' => format_username($account), '%email' => '<' . $account->mail . '>'), WATCHDOG_NOTICE);

watchdog('user', 'User %name used one-time login link at time %timestamp.', array('%name' => format_username($account), '%timestamp' => $timestamp));

No need to use format_username in watchdog messages . That's what
weri has mentioned in the problem statement as well.

SwapS

Thanks @ SwapS ! Re-submitting patch with all above mentioned changes.

What does this message look like in D8?

Stefan,

Same is the case with D8. Doesn't seems to be formatting username

 $this->logger->notice('User %name used one-time login link at time %timestamp.', array('%name' => $user->getUsername(), '%timestamp' => $form_state->getValue('timestamp')));

SwapS

Drupal 8 uses User::getUsername(), but that is already marked as deprecated for Drupal 9 (i.e. it will be removed before Drupal 9 will be available). Since \Drupal\user\UserInterface::getDisplayName() is the suggested replacement, the same type of change should be done in Drupal 7 too.

I am not sure about the need to change the message in the log: The users who can see it are probably able to see the user account already; I don't see why hiding it to them.

@kiamlaluno - Implementation not only restricted to message in the log but same is approach is followed when showing messages to User.

See below:
$form['message'] = array('#markup' => $this->t('<p>This is a one-time login for %user_name and will expire on %expiration_date.</p><p>Click on this button to log in to the site and change your password.</p>', array('%user_name' => $user->getUsername(), '%expiration_date' => $expiration_date)));

SwapS

Per the backport policy this ought to be solved in 8.x first :)

Also the tests need to be changed. See https://api.drupal.org/api/drupal/modules%21system%21system.test/7.x, the lines before the number 1251.

    // Submit password reset form.
    $edit = array(
      'name' => $this->user->name,
    );
    $this->drupalPost('user/password', $edit, t('E-mail new password'));
    $mails = $this->drupalGetMails();
    $start = strpos($mails[0]['body'], 'user/reset/'. $this->user->uid);
    $path = substr($mails[0]['body'], $start, 66 + strlen($this->user->uid));

    // Log in with temporary login link.
    $this->drupalPost($path, array(), t('Log in'));

The last line (1251) fails because the login button is not found.

I am sorry. I didn't refresh the page.

Stefan,

Created new issue for taking care of Drupal 8 part of it.

SwapS

Postponing this issue on the D8 issue then.

This looks like a duplicate of #1078894: The User module should use format_username() for system messages or other issues referenced therein.

On the other hand maybe there's some value in fixing the simplest cases first...