Adding password info in the Profile notification email

Can anybody help me do this:

How can I add the password information in the New Profile notification email, it only copies the membership, login and name.

Membership: Wholesale

Login: test

Name: test

I’m bumping this as I need to know how to send the password with the email notification to new admins I’m adding.

I don’t want to have to send them a seperate email with their password.

Actually, the same goes for customers too.

I know it’s not “kosher” to send passwords via email but on the first sign-up email it would be nice. Because if we don’t send them their password with the email I’d be willing to bet that you would be flooded with emails asking for their password. :cool:




I don’t know how to add the password information in the New Profile notification email, but if a customer forgets their password, they can use the Recover Password button on the Login page. This sends an email with a link on it which enables customers to change their password to whatever they want.

I hope this helps with one of the queries…

Yes, thanks. I just talked to CS-CART support and because the password is part of their encrypted database it will take a “custom” modification to have this done.

I will be doing this because I think it’s a necessity that we send new sign-ups all their information including their password.

I’m sure this will reduce the amount of requests from people who sign-up and forget their password, plus they won’t have to “jump through hoops” just to get it.


I just had a quick play, add the [COLOR=“Red”]red[/COLOR] lines, in /core/fn_users.php (approx line 315)

// Check the passwords
if (!empty($user_data['password1']) && !empty($user_data['password2']) && $user_data['password1'] == $user_data['password2']) {
$_data['password'] = md5($user_data['password1']);
} else {
if (strstr('ACP', $_data['user_type'])) {
fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('error_passwords_dont_match'));
if ($is_checkout == true) {
if (AREA == 'A') {
if ($settings['General']['one_page_checkout'] == 'Y') {
} else {
} else {

[COLOR="red"]$pass = $user_data['password1'];[/COLOR]

and at around line 430

// Send notifications to customer
if ($notify_customer == 'Y') {

$user_data = fn_get_user_info($user_id, $profile_id);
$smarty_mail->assign('memberships', fn_get_memberships('F', $user_data['lang_code']));
$smarty_mail->assign_by_ref('user_data', $user_data);
[COLOR="red"]$smarty_mail->assign('pass', $pass);[/COLOR]
fn_send_mail($user_data['email'], $settings['Company']['company_users_department'], 'profiles/create_profile_subj.tpl', 'profiles/create_profile.tpl', '', $user_data['lang_code']);


Then in /YOUR_SKIN/mail/profiles/profiles_info.tpl


{if $settings.General.use_email_as_login != ‘Y’ && $user_data.user_type != ‘S’}






Ok it’s official you are the man.:cool:

It works!..for the new account sign-up.

Now you know what I’m going to ask next, right?

Is there a way to send the password when updating the account information too?

Like when a customer logs into their account and they change their password, it would be nice if the email would include the updated password.

I looked at the update_profile.tpl and it includes the profiles_info.tpl but the password comes across as blank.

Too much to ask?

Thanks for the help!

In /include/common/profiles.php and around line 124

if (!empty($user_data['password1']) && !empty($user_data['password2']) && $user_data['password1'] == $user_data['password2']) {
$_data['password'] = md5($user_data['password1']);
} elseif ($user_data['password1'] != $user_data['password2']) {
fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('error_passwords_dont_match'));

[COLOR="red"]$pass = $user_data['password1'];[/COLOR]

And at around line 194

$user_data = fn_get_user_info($uid, $profile_id);
$smarty_mail->assign('user_data', $user_data);
[COLOR="Red"]$smarty_mail->assign('pass', $pass);[/COLOR]
$smarty_mail->assign('memberships', fn_get_memberships('F', $lang_code));

Yep yep yep…that’s it.

I guess the key here is to know where to look. :wink:

Thanks Charlie…appreciate the help.

No problem.

BTW it will only show the password (update) if it has been changed.

[QUOTE]BTW it will only show the password (update) if it has been changed.[/QUOTE]

Yes, I noticed that…which is perfect because I don’t really want to be sending the password everytime a customer updates their account…:rolleyes:

So for anyone who might be “browsing” by and for clarity:

  1. First section of code above sends password via email for new user sign-up.
  2. Second section of code above sends new password via email ONLY when a customer changes their password.

    Thanks again for the help with this.


You beat me to it…nice job


this was one of “those” requests/threads that I was gonna spend some of that

“I gotta know” time on


Does that solutions work at 2.x version ?

Looks very useful !

[quote name=‘dioskouros’]Hi,

Does that solutions work at 2.x version ?

Looks very useful ![/QUOTE]

Well, the email notification for the forum works…


I am still on the older cart so I can’t answer that for you…seems to me the basics should work, just the locations of the data might have changed

Yes, for example in /core/fn_users.php has that //check the passwords

[QUOTE]// Check the passwords

$user_data[‘password1’] = !empty($user_data[‘password1’]) ? trim($user_data[‘password1’]) : ‘’;

$user_data[‘password2’] = !empty($user_data[‘password2’]) ? trim($user_data[‘password2’]) : ‘’;

[COLOR=“Red”]$pass = $user_data[‘password1’];[/COLOR]


and at around line 1000 intead of the &smarty_mail->assign has this :

[QUOTE]// Send notifications to customer

if (!empty($notify_customer)) {

// Notify customer about profile activation (when update profile only)

if ($action == ‘update’ && $current_user_data[‘status’] === ‘D’ && $user_data[‘status’] === ‘A’) {

fn_send_mail($user_data[‘email’], Registry::get(‘settings.Company.company_users_department’), ‘profiles/profile_activated_subj.tpl’, ‘profiles/profile_activated.tpl’, ‘’, $lang_code);


// Notify customer about profile add/update

if ($action == ‘add’) {

fn_send_mail($user_data[‘email’], Registry::get(‘settings.Company.company_users_department’), ‘profiles/create_profile_subj.tpl’, ‘profiles/create_profile.tpl’, ‘’, $lang_code);

} else {

fn_send_mail($user_data[‘email’], Registry::get(‘settings.Company.company_users_department’), ‘profiles/update_profile_subj.tpl’, ‘profiles/update_profile.tpl’, ‘’, $lang_code);




so I think it has no meaning to add at /YOUR_SKIN/mail/profiles/profiles_info.tpl





because the &pass variable haven't been assigned at /core/fn.user.php

So the obvious difference between 1.3.x and 2.x is the use of the registry at fn_send_mail ..?

any idea welcomed

Is it possible to display the password in the users profile in admin section?

Is there any way to do this for CS-cart 2.x?

Why would you want to send a plain text password over email so it could be picked-off? Major security issue.