diff --git a/lang/en/moodle.php b/lang/en/moodle.php
index b41fd326ef0..f3f03d01cfa 100644
--- a/lang/en/moodle.php
+++ b/lang/en/moodle.php
@@ -606,6 +606,11 @@ $string['emailpasswordconfirmationsubject'] = '{$a}: Change password confirmatio
$string['emailpasswordconfirmmaybesent'] = '
If you supplied a correct username or email address then an email should have been sent to you.
It contains easy instructions to confirm and complete this password change.
If you continue to have difficulty, please contact the site administrator.
';
+$string['emailpasswordconfirmnoemail'] = 'The user account you specified does not have a recorded email address.
+ Please contact the site administrator.
';
+$string['emailpasswordconfirmnotsent'] = 'The user detail you supplied does not identify an existing user account.
+ Please check the detail you entered, then try again.
+If you continue to have difficulty, please contact the site administrator.
';
$string['emailpasswordconfirmsent'] = 'An email should have been sent to your address at {$a}.
It contains easy instructions to confirm and complete this password change.
If you continue to have difficulty, contact the site administrator.';
diff --git a/login/lib.php b/login/lib.php
index 6326ac86f04..7d8f63b48ed 100644
--- a/login/lib.php
+++ b/login/lib.php
@@ -71,11 +71,14 @@ function forgotpw_process_request() {
// Print general (non-commital) message
notice(get_string('emailpasswordconfirmmaybesent'), $CFG->wwwroot.'/index.php');
die; // never reached
- } elseif (empty($user) || empty($user->email)) {
- // Protect usernames is off, and we either couldn't find the user, or they don't have an email set.
- // Still print non-commital message
- // This is a big usability problem - need to tell users when we couldn't find the details they requested.
- notice(get_string('emailpasswordconfirmmaybesent'), $CFG->wwwroot.'/index.php');
+ } elseif (empty($user)) {
+ // Protect usernames is off, and we couldn't find the user with details specified.
+ // Print failure advice:
+ notice(get_string('emailpasswordconfirmnotsent'), $CFG->wwwroot.'/forgot_password.php');
+ die; // never reached
+ } elseif (empty($user->email)) {
+ // User doesn't have an email set - can't send a password change confimation email.
+ notice(get_string('emailpasswordconfirmnoemail'), $CFG->wwwroot.'/index.php');
die; // never reached
} elseif ($pwresetstatus == PWRESET_STATUS_NOEMAILSENT) {
// User found, protectusernames is off, but user is not confirmed