3 files changed, 136 insertions, 56 deletions

diff --git a/modules/system/system.tokens.inc b/modules/system/system.tokens.inc
index 07afe5deb..01687f0c2 100644
--- a/modules/system/system.tokens.inc
+++ b/modules/system/system.tokens.inc
@@ -48,6 +48,10 @@ function system_token_info() {
     'name' => t("URL"),
     'description' => t("The URL of the site's front page."),
   );
+  $site['url-brief'] = array(
+    'name' => t("URL (brief)"),
+    'description' => t("The URL of the site's front page without the protocol."),
+  );  
   $site['login-url'] = array(
     'name' => t("Login page"),
     'description' => t("The URL of the site's login page."),
@@ -181,6 +185,10 @@ function system_tokens($type, $tokens, array $data = array(), array $options = a
           $replacements[$original] = url('<front>', $url_options);
           break;
 
+        case 'url-brief':
+          $replacements[$original] = preg_replace('!^https?://!', '', url('<front>', $url_options)); 
+          break;
+
         case 'login-url':
           $replacements[$original] = url('user', $url_options);
           break;
diff --git a/modules/user/user.admin.inc b/modules/user/user.admin.inc
index 334c13a92..585e17971 100644
--- a/modules/user/user.admin.inc
+++ b/modules/user/user.admin.inc
@@ -406,7 +406,7 @@ function user_admin_settings() {
   );
   // These email tokens are shared for all settings, so just define
   // the list once to help ensure they stay in sync.
-  $email_token_help = t('Available variables are:') . ' !username, !site, !password, !uri, !uri_brief, !mailto, !date, !login_uri, !edit_uri, !login_url, !cancel_url.';
+  $email_token_help = t('Available variables are:') . ' [site:name], [site:url], [user:name], [user:mail], [site:login-url], [user:edit-url], [user:password], [user:one-time-login-url], [user:cancel-url].';
 
   $form['email_admin_created'] = array(
     '#type' => 'fieldset',
diff --git a/modules/user/user.module b/modules/user/user.module
index ad3690c03..57c6cd39f 100644
--- a/modules/user/user.module
+++ b/modules/user/user.module
@@ -2103,7 +2103,7 @@ function user_build_content($account) {
  */
 function user_mail($key, &$message, $params) {
   $language = $message['language'];
-  $variables = user_mail_tokens($params['account'], $language);
+  $variables = array('user' => $params['account']);
   $message['subject'] .= _user_mail_text($key . '_subject', $language, $variables);
   $message['body'][] = _user_mail_text($key . '_body', $language, $variables);
 }
@@ -2118,60 +2118,163 @@ function _user_mail_text($key, $language = NULL, $variables = array()) {
 
   if ($admin_setting = variable_get('user_mail_' . $key, FALSE)) {
     // An admin setting overrides the default string.
-    return strtr($admin_setting, $variables);
+    $text = $admin_setting;
   }
   else {
     // No override, return default string.
     switch ($key) {
       case 'register_no_approval_required_subject':
-        return t('Account details for !username at !site', $variables, array('langcode' => $langcode));
+        $text = t('Account details for [user:name] at [site:name]', array(), array('langcode' => $langcode));
+        break;
       case 'register_no_approval_required_body':
-        return t("!username,\n\nThank you for registering at !site. You may now log in to !login_uri using the following username and password:\n\nusername: !username\npassword: !password\n\nYou may also log in by clicking on this link or copying and pasting it in your browser:\n\n!login_url\n\nThis is a one-time login, so it can be used only once.\n\nAfter logging in, you will be redirected to !edit_uri so you can change your password.\n\n\n--  !site team", $variables, array('langcode' => $langcode));
+        $text = t("[user:name],
+
+Thank you for registering at [site:name]. You may now log in to [site:login-url] using the following username and password:
+
+username: [user:name]
+password: [user:password]
+
+You may also log in by clicking on this link or copying and pasting it in your browser:
+
+[user:one-time-login-url]
+
+This is a one-time login, so it can be used only once.
+
+After logging in, you will be redirected to [user:edit-url] so you can change your password.
+
+
+--  [site:name] team", array(), array('langcode' => $langcode));
+        break;
+
       case 'register_admin_created_subject':
-        return t('An administrator created an account for you at !site', $variables, array('langcode' => $langcode));
+        $text = t('An administrator created an account for you at [site:name]', array(), array('langcode' => $langcode));
+        break;
       case 'register_admin_created_body':
-        return t("!username,\n\nA site administrator at !site has created an account for you. You may now log in to !login_uri using the following username and password:\n\nusername: !username\npassword: !password\n\nYou may also log in by clicking on this link or copying and pasting it in your browser:\n\n!login_url\n\nThis is a one-time login, so it can be used only once.\n\nAfter logging in, you will be redirected to !edit_uri so you can change your password.\n\n\n--  !site team", $variables, array('langcode' => $langcode));
+        $text = t("[user:name],
+
+A site administrator at [site:name] has created an account for you. You may now log in to [site:login-url] using the following username and password:
+
+username: [user:name]
+password: [user:password]
+
+You may also log in by clicking on this link or copying and pasting it in your browser:
+
+[user:one-time-login-url]
+
+This is a one-time login, so it can be used only once.
+
+After logging in, you will be redirected to [user:edit-url] so you can change your password.
+
+
+--  [site:name] team", array(), array('langcode' => $langcode));
+        break;
+
       case 'register_pending_approval_subject':
       case 'register_pending_approval_admin_subject':
-        return t('Account details for !username at !site (pending admin approval)', $variables, array('langcode' => $langcode));
+        $text = t('Account details for [user:name] at [site:name] (pending admin approval)', array(), array('langcode' => $langcode));
+        break;
       case 'register_pending_approval_body':
-        return t("!username,\n\nThank you for registering at !site. Your application for an account is currently pending approval. Once it has been approved, you will receive another e-mail containing information about how to log in, set your password, and other details.\n\n\n--  !site team", $variables, array('langcode' => $langcode));
+        $text = t("[user:name],
+
+Thank you for registering at [site:name]. Your application for an account is currently pending approval. Once it has been approved, you will receive another e-mail containing information about how to log in, set your password, and other details.
+
+
+--  [site:name] team", array(), array('langcode' => $langcode));
+        break;
       case 'register_pending_approval_admin_body':
-        return t("!username has applied for an account.\n\n!edit_uri", $variables, array('langcode' => $langcode));
+        $text = t("[user:name] has applied for an account.
+
+[user:edit-url]", array(), array('langcode' => $langcode));
+        break;
+
       case 'password_reset_subject':
-        return t('Replacement login information for !username at !site', $variables, array('langcode' => $langcode));
+        $text = t('Replacement login information for [user:name] at [site:name]', array(), array('langcode' => $langcode));
+        break;
       case 'password_reset_body':
-        return t("!username,\n\nA request to reset the password for your account has been made at !site.\n\nYou may now log in to !uri_brief by clicking on this link or copying and pasting it in your browser:\n\n!login_url\n\nThis is a one-time login, so it can be used only once. It expires after one day and nothing will happen if it's not used.\n\nAfter logging in, you will be redirected to !edit_uri so you can change your password.", $variables, array('langcode' => $langcode));
+        $text = t("[user:name],
+
+A request to reset the password for your account has been made at [site:name].
+
+You may now log in to [site:uri-brief] by clicking on this link or copying and pasting it in your browser:
+
+[user:one-time-login-url]
+
+This is a one-time login, so it can be used only once. It expires after one day and nothing will happen if it's not used.
+
+After logging in, you will be redirected to [user:edit-url] so you can change your password.", array(), array('langcode' => $langcode));
+        break;
+
       case 'status_activated_subject':
-        return t('Account details for !username at !site (approved)', $variables, array('langcode' => $langcode));
+        $text = t('Account details for [user:name] at [site:name] (approved)', array(), array('langcode' => $langcode));
+        break;
       case 'status_activated_body':
-        return t("!username,\n\nYour account at !site has been activated.\n\nYou may now log in by clicking on this link or copying and pasting it in your browser:\n\n!login_url\n\nThis is a one-time login, so it can be used only once.\n\nAfter logging in, you will be redirected to !edit_uri so you can change your password.\n\nOnce you have set your own password, you will be able to log in to !login_uri in the future using:\n\nusername: !username\n", $variables, array('langcode' => $langcode));
+        $text = t("[user:name],
+
+Your account at [site:name] has been activated.
+
+You may now log in by clicking on this link or copying and pasting it in your browser:
+
+[site:login-url]
+
+This is a one-time login, so it can be used only once.
+
+After logging in, you will be redirected to [user:edit-url] so you can change your password.
+
+Once you have set your own password, you will be able to log in to [site:login-url] in the future using:
+
+username: [user:name]", array(), array('langcode' => $langcode));
+        break;
+
       case 'status_blocked_subject':
-        return t('Account details for !username at !site (blocked)', $variables, array('langcode' => $langcode));
+        $text = t('Account details for [user:name] at [site:name] (blocked)', array(), array('langcode' => $langcode));
+        break;
       case 'status_blocked_body':
-        return t("!username,\n\nYour account on !site has been blocked.", $variables, array('langcode' => $langcode));
+        $text = t("[user:name],\n\nYour account on [site:name] has been blocked.", array(), array('langcode' => $langcode));
+        break;
 
       case 'cancel_confirm_subject':
-        return t('Account cancellation request for !username at !site', $variables, array('langcode' => $langcode));
+        $text = t('Account cancellation request for [user:name] at [site:name]', array(), array('langcode' => $langcode));
+        break;
       case 'cancel_confirm_body':
-        return t("!username,
+        $text = t("[user:name],
 
-A request to cancel your account has been made at !site.
+A request to cancel your account has been made at [site:name].
 
-You may now cancel your account on !uri_brief by clicking this link or copying and pasting it into your browser:
+You may now cancel your account on [site:url-brief] by clicking this link or copying and pasting it into your browser:
 
-!cancel_url
+[user:cancel-url]
 
 NOTE: The cancellation of your account is not reversible.
 
-This link expires in one day and nothing will happen if it is not used.", $variables, array('langcode' => $langcode));
+This link expires in one day and nothing will happen if it is not used.", array(), array('langcode' => $langcode));
+        break;
 
       case 'status_canceled_subject':
-        return t('Account details for !username at !site (canceled)', $variables, array('langcode' => $langcode));
+        $text = t('Account details for [user:name] at [site:name] (canceled)', array(), array('langcode' => $langcode));
+        break;
       case 'status_canceled_body':
-        return t("!username,
+        $text = t("[user:name],
+
+Your account on [site:name] has been canceled.", array(), array('langcode' => $langcode));
+        break;
+    }
+  }
 
-Your account on !site has been canceled.", $variables, array('langcode' => $langcode));
+  return token_replace($text, $variables, array('language' => $language, 'callback' => 'user_mail_tokens'));
+}
+
+/**
+ * Token callback to add unsafe tokens for user mails.
+ *
+ * @see user_mail()
+ */
+function user_mail_tokens(&$replacements, $data, $options) {
+  if (isset($data['user'])) {
+    $replacements['[user:one-time-login-url]'] = user_pass_reset_url($data['user']);
+    $replacements['[user:cancel-url]'] = user_cancel_url($data['user']);
+
+    if (isset($data['user']->password) && !empty($data['user']->password)) {
+      $replacements['[user:password]'] = $data['user']->password;
     }
   }
 }
@@ -2748,37 +2851,6 @@ function theme_user_signature($signature) {
 }
 
 /**
- * Return an array of token to value mappings for user e-mail messages.
- *
- * @param $account
- *  The user object of the account being notified. Must contain at
- *  least the fields 'uid', 'name', and 'mail'.
- * @param $language
- *  Language object to generate the tokens with.
- * @return
- *  Array of mappings from token names to values (for use with strtr()).
- */
-function user_mail_tokens($account, $language) {
-  global $base_url;
-  $tokens = array(
-    '!username' => $account->name,
-    '!site' => variable_get('site_name', 'Drupal'),
-    '!login_url' => user_pass_reset_url($account),
-    '!cancel_url' => user_cancel_url($account),
-    '!uri' => $base_url,
-    '!uri_brief' => preg_replace('!^https?://!', '', $base_url),
-    '!mailto' => $account->mail,
-    '!date' => format_date(REQUEST_TIME, 'medium', '', NULL, $language->language),
-    '!login_uri' => url('user', array('absolute' => TRUE, 'language' => $language)),
-    '!edit_uri' => url('user/' . $account->uid . '/edit', array('absolute' => TRUE, 'language' => $language)),
-  );
-  if (!empty($account->password)) {
-    $tokens['!password'] = $account->password;
-  }
-  return $tokens;
-}
-
-/**
  * Get the language object preferred by the user. This user preference can
  * be set on the user account editing page, and is only available if there
  * are more than one languages enabled on the site. If the user did not