Skip to content

realurl configuration for felogin

Ever been annoyed by ugly URLs in the forgot password mails of felogin?

Adding a small snippet to your realurl configuration solves the issue.

Assuming you have a dedicated login page, where you put the "felogin" plugin, you will most likely also have the "Forgot Password" feature enabled there. The process to change one's password involves sending a mail to the user including a link to the password reset form.

This is were the story begins. The link in the mail looks really ugly with all those felogin-parameters.

Additionally you are - of course - using the "realurl" extension too. As usual you will end up with URLs where the page-part is nicely encoded by realurl, but the extension parameters are just appended. This looks even more weird.
While it might be acceptable for normal links on the page to look like this, it is in my opinion not acceptable in "forgot password"-mail sent by felogin.

The goal

Typically the links look like this:

 

http://example.com/special/login/?tx_felogin_pi1[user]=123&tx_felogin_pi1[forgothash]=34597FE33AB...&cHash=hdfkhg28628423

 

But wouldn't that be much better?

 

http://example.com/special/login/123/34597FE33AB.../

 

The solution

By adding the following configuration for realurl to your fixedPostVars-Array you'll have the pleasure of nice URLs.

 

'fixedPostVars' => array(
$loginPageUid => array(
array(
'GETvar' => 'tx_felogin_pi1[forgot]',
'valueMap' => array(
'forgot' => 1
),
'noMatch' => 'bypass'
),
array(
'GETvar' => 'tx_felogin_pi1[redirectReferrer]',
'valueMap' => array(
'noRedirect' => 'off'
),
'noMatch' => 'bypass'
),
array(
'GETvar' => 'tx_felogin_pi1[user]'
),
array(
'GETvar' => 'tx_felogin_pi1[forgothash]'
),
),
),

 

You have to set $loginPageUid to the page id where your felogin plugin resides.

No pro without con

As always you've to be aware that realurl has a decode-cache. That means it remembers the URL to parameter mapping. Since the forgothash is regenerated every time, this solution is very prone to cache spamming.

But hey, if this is really getting a problem for you, you may still reduce the configuration above. Simply remove the configuration for the forgothash and you're good to go. The maximum cache entry number is bound by number of fe_users you have. Still a problem? Remove the configuration for the user as well.

 

This information applies to TYPO3 CMS versions 6.2 to 7.1