diff --git a/components/com_users/controllers/remind.php b/components/com_users/controllers/remind.php index 71cc321cae28d..56e0e673bb73e 100644 --- a/components/com_users/controllers/remind.php +++ b/components/com_users/controllers/remind.php @@ -37,7 +37,7 @@ public function remind() $return = $model->processRemindRequest($data); // Check for a hard error. - if ($return == false) + if ($return == false && JDEBUG) { // The request failed. // Go back to the request form. @@ -46,14 +46,11 @@ public function remind() return false; } - else - { - // The request succeeded. - // Proceed to step two. - $message = JText::_('COM_USERS_REMIND_REQUEST_SUCCESS'); - $this->setRedirect(JRoute::_('index.php?option=com_users&view=login', false), $message); - return true; - } + // To not expose if the user exists or not we send a generic message. + $message = JText::_('COM_USERS_REMIND_REQUEST'); + $this->setRedirect(JRoute::_('index.php?option=com_users&view=login', false), $message); + + return true; } } diff --git a/components/com_users/controllers/reset.php b/components/com_users/controllers/reset.php index 10f023585c545..137d1a378f00b 100644 --- a/components/com_users/controllers/reset.php +++ b/components/com_users/controllers/reset.php @@ -38,7 +38,7 @@ public function request() $return = $model->processResetRequest($data); // Check for a hard error. - if ($return instanceof Exception) + if ($return instanceof Exception && JDEBUG) { // Get the error message to display. if ($app->get('error_reporting')) @@ -55,7 +55,7 @@ public function request() return false; } - elseif ($return === false) + elseif ($return === false && JDEBUG) { // The request failed. // Go back to the request form. @@ -64,14 +64,13 @@ public function request() return false; } - else - { - // The request succeeded. - // Proceed to step two. - $this->setRedirect(JRoute::_('index.php?option=com_users&view=reset&layout=confirm', false)); - return true; - } + // The request succeeded. + // Proceed to step two. + $message = JText::_('COM_USERS_RESET_REQUEST'); + $this->setRedirect(JRoute::_('index.php?option=com_users&view=reset&layout=confirm', false), $message, 'notice'); + + return true; } /** diff --git a/language/en-GB/en-GB.com_users.ini b/language/en-GB/en-GB.com_users.ini index d567219ba8930..5cc50c5d2ac5b 100644 --- a/language/en-GB/en-GB.com_users.ini +++ b/language/en-GB/en-GB.com_users.ini @@ -131,6 +131,7 @@ COM_USERS_REMIND_DEFAULT_LABEL="Please enter the email address associated with y COM_USERS_REMIND_EMAIL_LABEL="Your Email" COM_USERS_REMIND_LIMIT_ERROR_N_HOURS="You have exceeded the maximum number of password resets allowed. Please try again in %s hours." COM_USERS_REMIND_LIMIT_ERROR_N_HOURS_1="You have exceeded the maximum number of password resets allowed. Please try again in one hour." +COM_USERS_REMIND_REQUEST="If the email address was correct a reminder has been sent. Please check your mail." COM_USERS_REMIND_REQUEST_ERROR="Error requesting password reminder." COM_USERS_REMIND_REQUEST_FAILED="Reminder failed: %s" COM_USERS_REMIND_REQUEST_SUCCESS="Reminder sent. Please check your mail." @@ -144,6 +145,7 @@ COM_USERS_RESET_CONFIRM_ERROR="Error while confirming the password." COM_USERS_RESET_CONFIRM_FAILED="Your password reset confirmation failed because the verification code was invalid. %s" COM_USERS_RESET_CONFIRM_LABEL="An email has been sent to your email address. The email contains a verification code, please paste the verification code in the field below to prove that you are the owner of this account." COM_USERS_RESET_COMPLETE_TOKENS_MISSING="Your password reset confirmation failed because the verification code was missing." +COM_USERS_RESET_REQUEST="If the email address was correct a new password has been sent. Please check your mail." COM_USERS_RESET_REQUEST_ERROR="Error requesting password reset." COM_USERS_RESET_REQUEST_FAILED="Reset password failed: %s" COM_USERS_RESET_REQUEST_LABEL="Please enter the email address for your account. A verification code will be sent to you. Once you have received the verification code, you will be able to choose a new password for your account."