From 14aa9c01da4bbd2e1b9af9a61b1ecac74f3047cb Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Sat, 19 Sep 2020 18:40:00 +0200
Subject: [PATCH] Neutral message if login / email exists #yohosha4542

---
 htdocs/langs/en_US/users.lang     |  2 ++
 htdocs/user/passwordforgotten.php | 21 ++++++++++++++++++---
 2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/htdocs/langs/en_US/users.lang b/htdocs/langs/en_US/users.lang
index 37ad1c0fc0d..7e81efd0d16 100644
--- a/htdocs/langs/en_US/users.lang
+++ b/htdocs/langs/en_US/users.lang
@@ -46,6 +46,8 @@ RemoveFromGroup=Remove from group
 PasswordChangedAndSentTo=Password changed and sent to <b>%s</b>.
 PasswordChangeRequest=Request to change password for <b>%s</b>
 PasswordChangeRequestSent=Request to change password for <b>%s</b> sent to <b>%s</b>.
+IfLoginExistPasswordRequestSent=If this login is a valid account, an email to reset password has been sent.
+IfEmailExistPasswordRequestSent=If this email is a valid account, an email to reset password has been sent.
 ConfirmPasswordReset=Confirm password reset
 MenuUsersAndGroups=Users & Groups
 LastGroupsCreated=Latest %s groups created
diff --git a/htdocs/user/passwordforgotten.php b/htdocs/user/passwordforgotten.php
index 03225e85866..96497492a15 100644
--- a/htdocs/user/passwordforgotten.php
+++ b/htdocs/user/passwordforgotten.php
@@ -100,16 +100,24 @@ if ($action == 'buildnewpassword' && $username)
     {
         $message = '<div class="error">'.$langs->trans("ErrorBadValueForCode").'</div>';
     } else {
+    	$isanemail = preg_match('/@/', $username);
+
         $edituser = new User($db);
         $result = $edituser->fetch('', $username, '', 1);
-        if ($result == 0 && preg_match('/@/', $username))
+        if ($result == 0 && $isanemail)
         {
         	$result = $edituser->fetch('', '', '', 1, -1, $username);
         }
 
         if ($result <= 0 && $edituser->error == 'USERNOTFOUND')
         {
-            $message = '<div class="error">'.$langs->trans("ErrorLoginDoesNotExists", $username).'</div>';
+        	$message = '<div class="warning paddingtopbottom'.(empty($conf->global->MAIN_LOGIN_BACKGROUND) ? '' : ' backgroundsemitransparent').'">';
+        	if (! $isanemail) {
+        		$message .= $langs->trans("IfLoginExistPasswordRequestSent");
+        	} else {
+            	$message .= $langs->trans("IfEmailExistPasswordRequestSent");
+        	}
+        	$message .= '</div>';
             $username = '';
         } else {
             if (!$edituser->email)
@@ -125,7 +133,14 @@ if ($action == 'buildnewpassword' && $username)
                     // Success
                     if ($edituser->send_password($user, $newpassword, 1) > 0)
                     {
-                    	$message = '<div class="ok'.(empty($conf->global->MAIN_LOGIN_BACKGROUND) ? '' : ' backgroundsemitransparent').'">'.$langs->trans("PasswordChangeRequestSent", $edituser->login, dolObfuscateEmail($edituser->email)).'</div>';
+                    	$message = '<div class="warning paddingtopbottom'.(empty($conf->global->MAIN_LOGIN_BACKGROUND) ? '' : ' backgroundsemitransparent').'">';
+                    	if (! $isanemail) {
+                    		$message .= $langs->trans("IfLoginExistPasswordRequestSent");
+                    	} else {
+                    		$message .= $langs->trans("IfEmailExistPasswordRequestSent");
+                    	}
+                    	//$message .= $langs->trans("PasswordChangeRequestSent", $edituser->login, dolObfuscateEmail($edituser->email));
+                    	$message .= '</div>';
                         $username = '';
                     } else {
                         $message .= '<div class="error">'.$edituser->error.'</div>';