I am trying to update user password using the following code
$account = user_load(USER_ID);
$edit['pass'] = NEW_PASSWORD;
user_save($account, $edit);
but its not working.While debugging I found that hook_user_update was implemented and on some condition, it called another function which again implements user_save for the same user account but by loading it using the function user_load.Please see following code for a better understanding
/**
* Implements hook_user_update().
*/
function my_module_user_update(&$edit, $account, $category) {
// This condition will save the user_save from going into infinite loop.
if (!isset($edit['profile_update'])) {
my_custom_function();
}
}
function my_custom_function() {
// USER_ID is same as above.
$account = user_load(USER_ID);
// Did some stuff.
$edit['profile_update'] = 1;
user_save($account, $edit);
}
So like this, I implemented my code. When I try to update the password or any other information by user_save, it didn't reflect any changes.After debugging I found that user.module does not clear the cache after saving the update in the database.it clears the cache after invoking the hook_user_update(). So I think it should clear the cache after just inserting data into the database.
Please correct me if I am wrong and share your thoughts.
Comment | File | Size | Author |
---|---|---|---|
#3 | changing_password_user_save-2873330-1.patch | 807 bytes | Jitujain |
Comments
Comment #2
Jitujain CreditAttribution: Jitujain at Innoraft commentedComment #3
Jitujain CreditAttribution: Jitujain at Innoraft commentedComment #4
amit0212 CreditAttribution: amit0212 as a volunteer and at Iksula commentedYou just need to call user_save() using code similar to the following one.
$edit['pass'] = 'New password';
user_save($account, $edit);
$account contains the user object for the user account to alter. I get you load it using user_load(), but it could also be the user object for the currently logged in user. In the latter case, Drupal will regenerate the session using the following code (part of user_save()).
// If the password changed, delete all open sessions and recreate
// the current one.
if ($account->pass != $account->original->pass) {
drupal_session_destroy_uid($account->uid);
if ($account->uid == $GLOBALS['user']->uid) {
drupal_session_regenerate();
}
}
The password in $edit['pass'] is the plain password. user_save() will replace it with its hash using the following code (at the beginning of the function).
if (!empty($edit['pass'])) {
// Allow alternate password hashing schemes.
require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc');
$edit['pass'] = user_hash_password(trim($edit['pass']));
// Abort if the hashing failed and returned FALSE.
if (!$edit['pass']) {
return FALSE;
}
}
As alternative, you could use drupal_submit_form().
$form_state = array();
$form_state['user'] = $account;
$form_state['values']['pass']['pass1'] = 'New password';
$form_state['values']['pass']['pass2'] = 'New password';
$form_state['values']['op'] = t('Save');
drupal_form_submit('user_profile_form', $form_state);
In this way, if you have any module that, for example, validates the password, its code would be executed, and you would get any error code from form_get_errors().
Comment #5
Jitujain CreditAttribution: Jitujain at Innoraft commentedThanks Amit0212
Your solution will work in normal case but if you put your solution in above given my condition then it will not work.Conditions like first call user_save() then it invokes user_update then user_update code again calls user_save.Please try its according to my conditions
Comment #6
vensires CreditAttribution: vensires commented