allow + in email, fix bad verify.php redirect, verify email on passwd chg

[plb]

In http://userspice.org/forums/topic/redire...#post-1927 I reproduced a problem where the system sometimes redirects to verify.php when it should redirect to users/verify.php. Here's a fix for that.

It is hard to do a patch for users/init.php since it is largely created by the installation process. However, about 3-4 lines from the bottom of that script you will find this line:

Redirect::to('verify.php');

change it to this to solve the problem:

Redirect::to('users/verify.php');

Also in that forum link (above) the example used pointed out the problem where a user could register, NOT verify, forget password, reset password, and they would still be unverified. HOWEVER, by this time we have processed an email to their address (in order to reset their password) and so they really should be verified without having to do it explicitly.

In http://userspice.org/forums/topic/verifi...l-encoded/ I reported a problem where email addresses with a '+' character in them were not forming proper links during the email verification process.

This pastebin patchfile solves both of the issues listed above:

http://pastebin.com/KCXp9LM4

[mudmin]

Yep! Thanks for pointing that out. I'll work on getting that stuff added to the patches...and you're right. It's just going to have to be a manual code edit for the verify. That's about the only thing we can't patch

[mudmin]

I have a hard time reading pastebins with the diffs interlaced like that. When you paste those, would you mind pasting your entire file (ie forgot_password_reset.php) and letting me use my own diff tool?

[mudmin]

I did figure it out though btw! Thanks for your patch!