By Eugene Dubois on

I'm sending out an email for possible new users for my website.
I already created a blocked user-account for them.

I also created a one time login with user_pass_reset_url().
This link I added to the email that is being sent.

One problem is though... Apparently this link is only valid for a day...
I can't expect all my users to click on the email link within a day.

Is there a way to extend this expiration period?

Categories: Drupal 6.x

Comments

cog.rusty’s picture

cog.rusty commented

Looking at http://api.drupal.org/api/function/user_pass_reset/6 I see this:

   // Time out, in seconds, until login URL expires. 24 hours = 86400 seconds.
    $timeout = 86400;

Apparently this is hardwired in the modules/user/user.pages.inc file and must be hacked there.

Eugene Dubois’s picture

Eugene Dubois commented

I don't really like to hack into core pages, because of future upgrades...

But I suppose if I document this properly for myself :)

Eugene Dubois’s picture

Eugene Dubois commented

I also see in this code:

// No time out for first time login.
For all these users it should be the first time they log in.
Otherwise I just might have to reset a field in the user table -> no core hack needed :)

Thank you very much!!!!

scenicwonders’s picture

scenicwonders commented

I, too, would like to offer users a longer first-time login period for administer-created accounts. I am working on a site that needs to be as accessible as possible.

Have there been any improvements to Drupal in the past 19 months that will let me do this without a code hack?

Thank you.

Matt

aosiname’s picture

aosiname commented

I use Drupal Multisite so it would be stupid of me to change it in core as that would change it for ALL my sites...

However since each site IN the multisite setup has a modules directory, i just copied the user module from core to the site in questions module directory and physically changed 84600 to 31557600 (1 year!) which gave users pretty much as long as they wish... Had to flush all caches and visit the admin/build/modules page for drupal to know to look in that directory for the user module...Really odd but i had to do those a few times before it actually worked... try is out here: http://test.digitalquarter.co.uk

So technically, i can even remove the text telling users that the link will expire...

jaskaran.nagra’s picture

jaskaran.nagra commented

If anyone is still struggling with this, you can now set a time in settings.php in Drupal 7.
$conf['user_password_reset_timeout'] = 86400 * 15;