In this way, the "Forgot password" feature would work also as "Forgot Username".

No!
$user->name NOT $user->username

oh, sorry, i didn't get properly.
But, why do you think this could be useful?

btw you wrote "username" not "user name" (to be intended as name of the user).

sorry, changed

its work for:

COM_USERS_EMAIL_REGISTERED_BODY="Hello %s,\n\nThank you for registering at %s.\n\nYou may now log in to %s using the following username and password:\n\nUsername: %s\nPassword: %s"

COM_USERS_EMAIL_REGISTERED_WITH_ACTIVATION_BODY="Hello %s,\n\nThank you for registering at %s. Your account is created and must be activated before you can use it.\nTo activate the account select the following link or copy-paste it in your browser:\n%s \n\nAfter activation you may login to %s using the following username and password:\n\nUsername: %s\nPassword: %s"

COM_USERS_EMAIL_REGISTERED_WITH_ADMIN_ACTIVATION_BODY="Hello %s,\n\nThank you for registering at %s. Your account is created and must be verified before you can use it.\nTo verify the account select the following link or copy-paste it in your browser:\n %s \n\nAfter verification an administrator will be notified to activate your account. You'll receive a confirmation when it's done.\nOnce that account has been activated you may login to %s using the following username and password:\n\nUsername: %s\nPassword: %s"

etc.

also need to do COM_USERS_EMAIL_USERNAME_REMINDER_BODY and COM_USERS_EMAIL_PASSWORD_RESET_BODY

Maybe now it's more clear what you intended.

If i understood it correctly, you suggest to add the name of the user in the first part of the message: Hello %s that is already in place in the strings:

COM_USERS_EMAIL_REGISTERED_BODY
COM_USERS_EMAIL_REGISTERED_WITH_ACTIVATION_BODY
COM_USERS_EMAIL_REGISTERED_WITH_ADMIN_ACTIVATION_BODY
and not in: COM_USERS_EMAIL_USERNAME_REMINDER_BODY

ok, then.
Why don't you submit a PR doing it? :)

Why don't you submit a PR doing it? :)

I'm sorry, I do not quite understand English

also need to do COM_USERS_EMAIL_PASSWORD_RESET_BODY

Hi

From memory it is deliberate that we dont do this. To request a password reset you only need an email address but to use that password reset you also need to know the name of the user. If you tell them this in the password reset email then you are disclosing information that might help a hacker gain access to your account. Yes I understand that you are talking about user and not username but in many cases this is the same

I am closing this for the reason stated above. It has been discussed in the JSST (security team) and we are agreed that this is not a good idea.

Thank you for taking the time to raise this issue

then add a trigger event, so that you can with the help of plug-ins to manage sending notifications
is this possible?

I really dont understand what you are trying to achieve but we will not be
implementing anything that will decrease your website security

On 18 November 2016 at 09:14, denverkurt notifications@github.com wrote:

then add a trigger event, so that you can with the help of plug-ins to
manage sending notifications

is this possible?

This comment was created with the J!Tracker Application
https://github.com/joomla/jissues at issues.joomla.org/tracker/
joomla-cms/12927.

—
You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub
#12927 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/ABPH8Tphabbw50mylSALC_lRY1cRCEVtks5q_Wx_gaJpZM4K1ULv
.

Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
https://brian.teeman.net/ http://brian.teeman.net/

if you decide that it is not safe, it does not mean that everything is considered
Allow developers to manage the sending of notifications
add events to trigger more I ask nothing