
#1 2015-08-17 02:54:26

Sandshark
Member
2015-08-03
16

Registration email password obfuscation

I'm separating this from another chain where I committed the sin of combining two related, but still different, issues.  In that one, I asked about not sending the user password in the registration email.  I later found some older messages where apparently this was added as a feature, mainly for when an admin adds a user.  I don't intend to do that, and I don't like passwords in the clear.  Some seem to agree and others disagree. 

I think that, at the very least, the user should be warned that their password will be included, in the clear, in the email if they don't uncheck the box.  I also think that having it checked by default is not a good idea unless there was another, unchecked by default, about including the password.  But these are personal preferences, and the developers don't agree.

So, I have come up with the following solution to obfuscate the password. The format for the email is in function register_user embedded in web/include/functions_user.inc.php.

I created an obfuscate_pw function that I can use in get_l10n_args('Password: %s', stripslashes($password)) by replacing the stripslashes function with my obfuscate_pw one. It works great.  It sends the first and last characters of the password with asterisks in between. Hopefully, that will be enough to remind the user of what password was used.

But actually editing functions_user.inc.php is clearly not the correct way to do this.  Is there a good (and easy to read by a novice PHP programmer) example plug-in where the plug-in replaces a standard function instead of adding to it?

Here is the function to be put in PersonalPlugin:

Code:

/*
Password Obfuscation for email
*/
function obfuscate_pw($clear_pw)
 {
  $stripped_pw = stripslashes($clear_pw);   /* Still need to remove escape slashes*/
  $pw_len = strlen($stripped_pw);           /* Length of password*/
  if ($pw_len < 3)                          /* Too short to hide anything between head and tail*/
   {
    return str_repeat("*",$pw_len);         /* Mask it completely (also avoids a negative repeat count)*/
   }
  $pad_len = $pw_len - 2;                   /* Length of password - 2*/
  $pw_head = substr($stripped_pw,0,1);      /* First character of password*/
  $pw_tail = substr($stripped_pw,-1);       /* Last character of password*/
  $pw_pad = str_repeat("*",$pad_len);       /* Asterisks to fill middle*/
  return $pw_head.$pw_pad.$pw_tail;         /* Return obfuscated password for email*/
 }

There are probably more elegant ways to do it, but this allowed me to comment each line and be sure the syntax checker of the local files editor accepted it as I input most of it one line at a time.
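A variant of the masking idea in the post above, as an added example that is not part of the original post and not Piwigo code. It counts characters rather than bytes, uses a fixed-width mask so the email does not disclose the password length, and shows no characters at all for short passwords. The names mask_pw_for_email, MASK_WIDTH and MIN_HINT_LEN and the threshold of 8 are assumptions, and PHP's mbstring extension is assumed to be loaded.

```php
<?php
// Added example (hypothetical names, not part of Piwigo or the original post).

const MASK_WIDTH   = 6; // fixed number of asterisks, independent of password length
const MIN_HINT_LEN = 8; // assumption: below this, two visible characters give away too much

function mask_pw_for_email(string $clear_pw): string
{
    $pw  = stripslashes($clear_pw);      // same unescaping step as the posted function
    $len = mb_strlen($pw, 'UTF-8');      // characters, not bytes

    // Short (or empty) passwords: reveal nothing, not even the length.
    if ($len < MIN_HINT_LEN) {
        return str_repeat('*', MASK_WIDTH);
    }

    // mb_substr keeps multi-byte characters intact; plain substr() would
    // return a single byte of a UTF-8 sequence and corrupt the email text.
    $head = mb_substr($pw, 0, 1, 'UTF-8');
    $tail = mb_substr($pw, -1, 1, 'UTF-8');

    return $head . str_repeat('*', MASK_WIDTH) . $tail;
}

// Constructed sample inputs covering the edge cases.
$samples = [
    '',                      // empty
    'a',                     // one character
    'ab',                    // two characters: head + tail would be the whole password
    'hunter22',              // exactly at the threshold
    'motdepassé',            // ends in a multi-byte character
    'correct horse battery', // long passphrase, same mask width as the others
];

foreach ($samples as $pw) {
    printf("%s -> %s\n", var_export($pw, true), mask_pw_for_email($pw));
}
```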
