add a condition for your redirect rule, with a php-evaluation that checks the path.

Comments

joostvdl’s picture

Subscribe

mitchell’s picture

Version:6.x-1.0-rc2» 6.x-1.x-dev

Perhaps we could add an event to an event when "user" requests new password. Since they wouldn't be logged in when this happens, it would have to be based on the submitted user name. This way, you could add the user to another role that tracks their status in your registration workflow.

Would this do the trick?

deverman’s picture

This can probably work I can assign another role to the user and then check if that role exists before doing a redirect on login. It should also apply to the users email because I use loggin toboggan and require users to login with email addresses instead of user names.

capellic’s picture

I am having the same issue.

My website requires users to be approved. When the user clicks on the one-time login link and is asked to change their password, they are giving a message at the top of the content body to go fill out their profile (per my rule which is triggered on login).

Another solution for me would be to show the message on a particular page but only once a day -- not every time the user visits the page.

BlackD’s picture

I had the same issue, and searched for an answer for a while (even trying other modules for redirecting on logon). Finally I found this solution that works for Rules.
What you do is add a condition for your redirect rule, with the following php-evaluation:

if (arg(0) == 'user' && arg(1) == 'reset') {
return false;
} else {
return true;
}

This checks if the user is using a one-time password, if that is the case the redirect rule is not triggered.
Hope this helps!

capellic’s picture

Brilliant! Thanks for the tip!

deverman’s picture

Great thank you so much!

izmeez’s picture

@BlackD Thanks for the tip in #5, works great.

izmeez’s picture

Title:Forget Password link triggers login rule, login rule confuses user by taking them to the wrong screen» Rules redirect on login, adding conditional php to recognize one-time login and password reset

I hope no-one minds me changing the title of this issue. I think this might help people find what they might be looking for.

Izzy

AdrianB’s picture

I just wanted to thank BlackD for the tip in #5, exactly what I was looking for!

kscott22’s picture

Wow! Thanks, BlackD.

My users were being re-directed to a role-specific home page when they used the one-time login, so they could never set or change their password. Your snippet saved me! Thanks so much!!! (FYI, it works in Drupal 7, as well.)

boran’s picture

#5 does not work for me.
I was unable to find a doc on how URL arguments are passed, e.g.
- should arguements above not be $argv or $arg (why no dollar)
- in a multi-lang site with lang prefix, the lag will be in position zero? e.g. I tried

// Accept all pages, except
// ignore http://SITE/LANG/user/reset/xxxx
if (arg(1) == 'user' && arg(2) == 'reset') {
return false;
} else {
return true;
}
zeemp’s picture

Status:Active» Closed (fixed)
danbohea’s picture

Component:Rules Core» Rules Engine

Nice one, #5 just saved my bacon.

I know this is closed but does anyone care to comment about the concerns raised in #12? Is it possible for anything else to be used as the first arg and get around the PHP condition?

shadowhitman’s picture

I wonder if its possible to use Rules to redirect to Front page after reset password,
instead of redirect to Login page.
Any ideas ?

Thanks

swamptrunk’s picture

Component:Rules Engine» Rules Core

For #12: to add php conditions, just ensure that your PHP filter module is on.

Yea!

stephen.colson’s picture

For the record, rules in D7 seems to have a data value for [account:one-time-login-url], so you can set a condition on that.

It is STRONGLY recommended that you do not bother with #5 as that requires turning on the php filter module, which can be a horrible security risk for any site for which it is enabled.

mitchell’s picture

Component:Rules Engine» Rules Core
Status:Closed (fixed)» Postponed (maintainer needs more info)

What's left to do here? This appears to be a docs issue.

A backport of https://drupal.org/project/rules_url_argument might be something worth checking into as well.

izmeez’s picture

If the solution in #5 is strongly not recommended it would be nice, if not essential, to have some other solution. Thanks.

klucid’s picture

Thanks, stephen.colson, but I can't figure out how to get the condition working in D7. Sorry if I'm hijacking the thread, but it seems relevant.

I've added the condition "Path has URL alias" and used [account:one-time-login-url]. I also checked "negate" because I want the redirect to execute only if the user is NOT using the one time login link.

Any ideas why it's not working? More specifically, the rule doesn't redirect at all.

deverman’s picture

Issue tags:+phpcs

Hi, thanks I just ran that command and it looks like phpcs is not installed properly. I followed the instructions installing with PEAR and it doesn't look like it worked fully. Any suggestions?

bash-3.2$ phpcs --version Unknown on line 0
PHP Warning: include_once(PHP/CodeSniffer/CLI.php): failed to open stream: No such file or directory in /usr/bin/phpcs on line 31
PHP Stack trace:
PHP 1. {main}() /usr/bin/phpcs:0

Warning: include_once(PHP/CodeSniffer/CLI.php): failed to open stream: No such file or directory in /usr/bin/phpcs on line 31

Call Stack:
0.0002 640848 1. {main}() /usr/bin/phpcs:0

PHP Warning: include_once(): Failed opening 'PHP/CodeSniffer/CLI.php' for inclusion (include_path='.:') in /usr/bin/phpcs on line 31
PHP Stack trace:
PHP 1. {main}() /usr/bin/phpcs:0

Warning: include_once(): Failed opening 'PHP/CodeSniffer/CLI.php' for inclusion (include_path='.:') in /usr/bin/phpcs on line 31

Call Stack:
0.0002 640848 1. {main}() /usr/bin/phpcs:0

PHP Fatal error: Class 'PHP_CodeSniffer_CLI' not found in /usr/bin/phpcs on line 34
PHP Stack trace:
PHP 1. {main}() /usr/bin/phpcs:0

Fatal error: Class 'PHP_CodeSniffer_CLI' not found in /usr/bin/phpcs on line 34

Call Stack:
0.0002 640848 1. {main}() /usr/bin/phpcs:0

stephen.colson’s picture

Re #19, if there is no other suitable d6 version still, then I would recommend exporting the rule using features, and modify the php code there. If you are using PHP, it should be in code and not the database anyway.

Re #20, I know this isn't the best answer but I have no idea why it wouldn't work for you. It has worked well enough on every d7 site I have worked with, so I couldn't really begin to tell you what wasn't working right on your site.

Louis Bob’s picture

Does this try to differentiate
- users logging in for the first time
from
- users resetting their password ?

It's what I am trying to achieve, but it seems that this thread only discusses ways to differentiate:
- users logging in for the first time or resetting their password
from
- users logging in "normally".

Can you confirm that the this discussion is about the latter?

forestmars’s picture

@Louis Bob #23 - yes.

amccoy’s picture

RE #20 - I too can not get it to work with D7 ... here is export of my rule:

{ "rules_home_page_redirect_user" : {
"LABEL" : "AM Redirect logged in user to their home page",
"PLUGIN" : "reaction rule",
"TAGS" : [ "user activity" ],
"REQUIRES" : [ "rules", "path" ],
"ON" : [ "user_login" ],
"IF" : [
{ "NOT path_has_alias" : { "source" : "[account:one-time-login-url]" } }
],
"DO" : [ { "redirect" : { "url" : "user-home" } } ]
}
}
Still not sure why it isn't working ... Thanks for any suggestions.

EDIT: Further research (http://drupal.org/node/1045964#comment-6016904) revealed that all I had to do was to change my condition to ... NOT Text Compare -- site:current-page:path -- contains user/reset
And all works as intended
FYI here is my rule export:
{ "rules_am_redirect_user_logins" : {
"LABEL" : "AM redirect user logins",
"PLUGIN" : "reaction rule",
"REQUIRES" : [ "rules" ],
"ON" : [ "user_login" ],
"IF" : [
{ "NOT text_matches" : { "text" : [ "site:current-page:path" ], "match" : "user\/reset" } }
],
"DO" : [ { "redirect" : { "url" : "user-home" } } ]
}
}

amjad1233’s picture

Was small code but very powerful.

Thanks mate !

adpo’s picture

Re #5 what event is needed for redirection. I know the conditions, but not event.

Thank you for reply
Adrian

JordiTR’s picture

Thanks "amccoy" your #25 comment has been extremely useful, specially your edit since I was facing exactly the same problem and my first impression was to create your exact first condition! Thanks a lot!! :-)

play4quarters’s picture

Amccoy...this was Extremely helpful!

Can't thank you enough!!!

isa@morfinastudio.com’s picture

Hello! I have tried #5 and those not work for me. I am using drupal 7

My rule goes like that:

Event: user logged in
Condition: data to check: site:current-cart-order:commerce-line-items:0
2nd Condition: #25 solution
Action: page redirect

#25 IT DOES WORK is not "user\/reset" is "user/reset" OBVIOUSLY :D HAHA

amccoy’s picture

RE#30 when you enter the text into the field on the form it is in fact "user/reset"
but when you export the rules, that line of code becomes:
{ "NOT text_matches" : { "text" : [ "site:current-page:path" ], "match" : "user\/reset" } }
... and the extra "\" before the "/" is called "escaping a special character"
google "escaping a special character" and you will understand what I mean :-)

giorgio79’s picture

b_willems’s picture

Thanks mucho amccoy, I was banging my head for a while on this, and a quick search here led me to your solution!

FrankRoose’s picture

You can also fix this problem just using rules, no coding.

In my case I wanted to redirect people to their workbench after they login.
But people that forgot their password would also get redirected to their workbench and wouldn't be able to change their password. They had to navigate to their own profile page but they had to reenter their password again: the onetime logging didn't work anymore.

So this is the rule I added:

Events
Event: User logged in.

Conditions
Elements: Text comparison.
Parameter: Tekst: [site:current-page:path], Matching text: user, Comparison operation: ends with

Actions
Elements: Page redirect
Parameter: URL: admin/workbench, Force redirect: false

rroose’s picture

Cool! Thanks!

rroose’s picture

Issue summary:View changes

Correction: comment added where summary should have been

Virang’s picture

Issue summary:View changes

Very helpful code, it saved my time, thanks

densolis’s picture

We used a slight variation on # 34:

Events
Event: User logged in.

Conditions
Elements: NOT Text comparison.
Parameter: Text: [site:current-page:path], Matching text: ^user/reset/, Comparison operation: regular expression

Actions
Elements: Page redirect
Parameter: URL: admin/workbench, Force redirect: True

So we re-direct if the path is not ^user/reset/

Just a different way to accomplish the same thing.