It would be better if we change hook_form_alter() to hook_form_FORM_ID_alter(). This prevent the alter hook being invoked when not required.

/**
 * Implements hook_form_alter().
 *
 * Checks for the user password reset form and changes the validate and submit
 * functions. Uses the overrided functions defined in this module instead of
 * Drupal cores.
 */
function username_enumeration_prevention_form_alter(&$form, &$form_state, $form_id) {
  // Check to see if form is the reset password form.
  if (strlen(strstr($form_id, 'user_pass')) > 0) {
    // Override core validate and submit actions.
    $form['#validate'][array_search('user_pass_validate', $form['#validate'])] = 'username_enumeration_prevention_pass_validate';
    $form['#submit'][array_search('user_pass_submit', $form['#submit'])] = 'username_enumeration_prevention_pass_submit';
  }
}

to

/**
 * Implements hook_form_alter().
 *
 * Checks for the user password reset form and changes the validate and submit
 * functions. Uses the overrided functions defined in this module instead of
 * Drupal cores.
 */
function username_enumeration_prevention_form_alter(&$form, &$form_state, $form_id) {
  // Override core validate and submit actions.
  $form['#validate'][array_search('user_pass_validate', $form['#validate'])] = 'username_enumeration_prevention_pass_validate';
  $form['#submit'][array_search('user_pass_submit', $form['#submit'])] = 'username_enumeration_prevention_pass_submit';
}

Comments

a_thakur created an issue. See original summary.

a_thakur’s picture

Status: Active » Needs review
StatusFileSize
new1.24 KB

Please find the patch which fixes the above issue.

a_thakur’s picture

Issue summary: View changes
nicksanta’s picture

Thanks, I'll test this out soon. I will also check if this patch resolves #2483899: Multiple reset emails too.

  • nicksanta committed 0966e1a on 7.x-1.x authored by a_thakur
    Issue #2589661 by a_thakur, nicksanta: Change hook_form_alter to...
nicksanta’s picture

Status: Needs review » Fixed

Committed to 7.x-1.x branch - thanks for your contribution!

https://github.com/nicksantamaria/drupal-username_enumeration_prevention...

nicksanta’s picture

Status: Fixed » Patch (to be ported)

Work in progress for 8.x branch - waiting on tests being ported from 7.x

https://github.com/nicksantamaria/drupal-username_enumeration_prevention...

  • nicksanta committed 53cf910 on 8.x-1.x authored by a_thakur
    Issue #2589661 by a_thakur, nicksanta: Change hook_form_alter to...
nicksanta’s picture

Committed to 8.x-1.x branch - thanks for your contribution!

https://github.com/nicksantamaria/drupal-username_enumeration_prevention...

nicksanta’s picture

Status: Patch (to be ported) » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.