this is happening with all our system email templates (in /admin/config/people/emails), but as an example, the password recovery email.

the subject is:

Password reset information for [user:name] at [site:name]

when the email gets sent, the subject is:

Password reset information for at

the same is true for most of the tokens in the mail body as well. however, the actual url/link for the password reset is in the email and correct.

i have traced the code a bit, and here's what i have found so far:

user_mail() calls _user_mail_text() calls token_replace() calls token_generate()  -- the call chain keeps going...

the token_replace() function is getting this as the $text parameter:

Password reset information for [user:name] at [site:name]

and this for the $options parameter:

array(4) {
  ["langcode"]=>
  string(2) "en"
  ["callback"]=>
  string(16) "user_mail_tokens"
  ["sanitize"]=>
  bool(false)
  ["clear"]=>
  bool(true)
}

and this for the $data parameter:

array(1) {
  ["user"]=>
  object(User)#111 (46) {
    ["uid"]=>
    string(2) "14"
    ["name"]=>
    string(3) "xxxxxx"
    ["pass"]=>
    string(55) "xxxxx"
    ["mail"]=>
    string(18) "xxxx"
    ... // a valid and fully populated User object
  }
}

and after calling token_scan(), $text_tokens is this:

array(2) {
  ["user"]=>
  array(1) {
    ["name"]=>
    string(11) "[user:name]"
  }
  ["site"]=>
  array(1) {
    ["name"]=>
    string(11) "[site:name]"
  }
}

then, after looping through each token calling token_generate() for each, $replacements is this:

array(2) {
  ["[user:name]"]=>
  string(0) ""
  ["[site:name]"]=>
  string(0) ""
}

resulting in blanks in place of the tokens in the subject and message.

i know those emails worked at one time, and the templates have not been changed, and our custom module has no hook_mail() function or any  hooks related to tokens. is it possible this broke with the last security update? is nobody else seeing this? it is surely possible that somehow, somewhere, my code - or a site setting? - is somehow causing this. i just am kind of stuck. i may have to hack my way around it, which would unfortunately mean touching core files.

any help would be greatly appreciated.

Accepted answer

thanks much for the response. after several hours of trying everything i could think of to figure it out, i finally just replaced core from the current zip file (and ran update.php to be safe), and viola! the problem was gone. not sure why that did it, i just wish that had been the first thing i tried.

i'll close this out.

 

Comments

more relevant info:

i tried to modify the password reset email template at /admin/config/people/emails, to remove the tokens other than the reset link. when i save the form, i get a pair of these errors for each of the email templates (with the various tokens for subject and body):

The Subject is using the following invalid tokens: [site:name]

the error for the body of the reset email does not include the [user:one-time-login-url] token, which makes sense since that value gets inserted in the mail. but that token is there in the error for several other of the emails. interesting.

i will do a core code refresh, just in case.

 

I've tested on two sites and all works as should.

Please check your own changes, try to temporary disable your custom modules and/or switch to default theme to find out problem location.

Check filesystem permissions, PHP and web-server logs, site's recent messages log - at least.
Hope you find something useful.

thanks much for the response. after several hours of trying everything i could think of to figure it out, i finally just replaced core from the current zip file (and ran update.php to be safe), and viola! the problem was gone. not sure why that did it, i just wish that had been the first thing i tried.

i'll close this out.