Invio programmatico del link per la reimpostazione della password

Question

Invio programmatico del link per la reimpostazione della password

38

50352 2012-07-31

Ho questapagina creatamanualmente:

 $user_login = sanitize_text_field( $_GET['user_login'] );

if ( username_exists( $user_login ) ||  email_exists($user_login) ) { ?>
<!--Everything has been validated, proceed ....-->

<!DOCTYPE HTML>
<html lang="en-US">
<head>
    <meta charset="UTF-8">
    <title></title>
    <script type="text/javascript">
        function submit()
        {
            var f = document.getElementById('lostpasswordform');
            f.onclick = function () { };
            document.lostpasswordform.submit();
        }
    </script>
</head>
<body onload="submit()">

    <form name="lostpasswordform" id="lostpasswordform" action="<?php echo esc_url( site_url( 'wp-login.php?action=lostpassword', 'login_post' ) ); ?>" method="post">

        <input type="hidden" name="user_login" id="user_login" class="input" value="<?php echo ($user_login); ?>" />

    <?php do_action('lost_password'); ?>

    </form>

</body>
</html>

<?php
    echo "SUCCESS";
    exit();
} else {
    echo "Entered Username or Email was incorrect, please try again!";
}

... sembratutto apostomanonfunziona quando viene chiamato da un'app,ma se visitomanualmente domain.com/forgot-password?user_login=usernameinviailpass di ripristinoemail aposto.

I have this manually created page:

$user_login = sanitize_text_field( $_GET['user_login'] );

if ( username_exists( $user_login ) ||  email_exists($user_login) ) { ?>
<!--Everything has been validated, proceed ....-->

<!DOCTYPE HTML>
<html lang="en-US">
<head>
    <meta charset="UTF-8">
    <title></title>
    <script type="text/javascript">
        function submit()
        {
            var f = document.getElementById('lostpasswordform');
            f.onclick = function () { };
            document.lostpasswordform.submit();
        }
    </script>
</head>
<body onload="submit()">

    <form name="lostpasswordform" id="lostpasswordform" action="<?php echo esc_url( site_url( 'wp-login.php?action=lostpassword', 'login_post' ) ); ?>" method="post">

        <input type="hidden" name="user_login" id="user_login" class="input" value="<?php echo ($user_login); ?>" />

    <?php do_action('lost_password'); ?>

    </form>

</body>
</html>

<?php
    echo "SUCCESS";
    exit();
} else {
    echo "Entered Username or Email was incorrect, please try again!";
}

... everything seems right but it doesn't work when called from an app, but if I manually visit domain.com/forgot-password?user_login=username it does send the reset pass email fine.

fonte
Nimbuz

- per "app"intendi "plugin"
  
  by `app` do you mean `plugin`
  - 0
  - 2012-08-01
  - amit
- no,app - Android
  
  no, app - android
  - 0
  - 2012-08-01
  - Nimbuz
- _nonfunziona_ cosa succede?
  
  _doesn't work_ what happens?
  - 0
  - 2012-08-03
  - pcarvalho

7 risposta

voti

20

2014-03-10

La rispostaprecedentenon hafunzionatoperme (dice cheil codicenon è valido,nellapagina di accesso di wp),probabilmenteperché la risposta è vecchia di 1,5 annie qualcosa è cambiatonel codice WP,quindi ho aggiornato unpo 'questo codice (anche da wp-login.php),eccolo:

 function retrieve_password($user_login){
    global $wpdb, $wp_hasher;

    $user_login = sanitize_text_field($user_login);

    if ( empty( $user_login) ) {
        return false;
    } else if ( strpos( $user_login, '@' ) ) {
        $user_data = get_user_by( 'email', trim( $user_login ) );
        if ( empty( $user_data ) )
           return false;
    } else {
        $login = trim($user_login);
        $user_data = get_user_by('login', $login);
    }

    do_action('lostpassword_post');


    if ( !$user_data ) return false;

    // redefining user_login ensures we return the right case in the email
    $user_login = $user_data->user_login;
    $user_email = $user_data->user_email;

    do_action('retreive_password', $user_login);  // Misspelled and deprecated
    do_action('retrieve_password', $user_login);

    $allow = apply_filters('allow_password_reset', true, $user_data->ID);

    if ( ! $allow )
        return false;
    else if ( is_wp_error($allow) )
        return false;

    $key = wp_generate_password( 20, false );
    do_action( 'retrieve_password_key', $user_login, $key );

    if ( empty( $wp_hasher ) ) {
        require_once ABSPATH . 'wp-includes/class-phpass.php';
        $wp_hasher = new PasswordHash( 8, true );
    }
    $hashed = $wp_hasher->HashPassword( $key );
    $wpdb->update( $wpdb->users, array( 'user_activation_key' => $hashed ), array( 'user_login' => $user_login ) );

    $message = __('Someone requested that the password be reset for the following account:') . "\r\n\r\n";
    $message .= network_home_url( '/' ) . "\r\n\r\n";
    $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
    $message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n";
    $message .= __('To reset your password, visit the following address:') . "\r\n\r\n";
    $message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . ">\r\n";

    if ( is_multisite() )
        $blogname = $GLOBALS['current_site']->site_name;
    else
        $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);

    $title = sprintf( __('[%s] Password Reset'), $blogname );

    $title = apply_filters('retrieve_password_title', $title);
    $message = apply_filters('retrieve_password_message', $message, $key);

    if ( $message && !wp_mail($user_email, $title, $message) )
        wp_die( __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') );

    echo '<p>Link for password reset has been emailed to you. Please check your email.</p>';;
}

Previous answer didn't worked for me (says that code is invalid, on wp login page), probably because answer is 1,5 yr old, and something is changed in WP code, so I have updated this code a bit (also from wp-login.php), here it is:

function retrieve_password($user_login){
    global $wpdb, $wp_hasher;

    $user_login = sanitize_text_field($user_login);

    if ( empty( $user_login) ) {
        return false;
    } else if ( strpos( $user_login, '@' ) ) {
        $user_data = get_user_by( 'email', trim( $user_login ) );
        if ( empty( $user_data ) )
           return false;
    } else {
        $login = trim($user_login);
        $user_data = get_user_by('login', $login);
    }

    do_action('lostpassword_post');


    if ( !$user_data ) return false;

    // redefining user_login ensures we return the right case in the email
    $user_login = $user_data->user_login;
    $user_email = $user_data->user_email;

    do_action('retreive_password', $user_login);  // Misspelled and deprecated
    do_action('retrieve_password', $user_login);

    $allow = apply_filters('allow_password_reset', true, $user_data->ID);

    if ( ! $allow )
        return false;
    else if ( is_wp_error($allow) )
        return false;

    $key = wp_generate_password( 20, false );
    do_action( 'retrieve_password_key', $user_login, $key );

    if ( empty( $wp_hasher ) ) {
        require_once ABSPATH . 'wp-includes/class-phpass.php';
        $wp_hasher = new PasswordHash( 8, true );
    }
    $hashed = $wp_hasher->HashPassword( $key );
    $wpdb->update( $wpdb->users, array( 'user_activation_key' => $hashed ), array( 'user_login' => $user_login ) );

    $message = __('Someone requested that the password be reset for the following account:') . "\r\n\r\n";
    $message .= network_home_url( '/' ) . "\r\n\r\n";
    $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
    $message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n";
    $message .= __('To reset your password, visit the following address:') . "\r\n\r\n";
    $message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . ">\r\n";

    if ( is_multisite() )
        $blogname = $GLOBALS['current_site']->site_name;
    else
        $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);

    $title = sprintf( __('[%s] Password Reset'), $blogname );

    $title = apply_filters('retrieve_password_title', $title);
    $message = apply_filters('retrieve_password_message', $message, $key);

    if ( $message && !wp_mail($user_email, $title, $message) )
        wp_die( __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') );

    echo '<p>Link for password reset has been emailed to you. Please check your email.</p>';;
}

fonte
DzoniT

Questo hafunzionatoperme.La risposta accettataper 3.8.1non hafunzionatoed èterminata con una chiave scaduta.Inparticolare,nell'elaborazione di "$ key"e nell'aggiornamento di "user_activation_key".

This worked out for me. The accepted answer for 3.8.1 did not worked and ended in expired key. Specifically, in `$key` processing and updating `user_activation_key`.
- 0
- 2014-03-27
- Rolice
Questa risposta ha anche comportatoperme un collegamento scadutoe non hafunzionato.

This answer also resulted in an expired link for me and did not work.
- 1
- 2017-01-05
- carbide20

- 8
- 2015-08-30
Honotato che dopo aver aggiornato WordPress alla versione 4.3 che quanto sopranonfunzionavapiùperilmiopluginpersonalizzato.Segnalerebbe sempre che la chiavenonera valida.

Modifica:

$hashed = $wp_hasher->HashPassword( $key );

a

$hashed = time() . ':' . $wp_hasher->HashPassword( $key );

Questo ha risoltoilproblemaperme,spero che aiuti qualcun altro
I noticed that after upgrading WordPress to Version 4.3 that the above no longer worked for my custom plugin. It would always report that the key was invalid.

Change:

$hashed = $wp_hasher->HashPassword( $key );

to

$hashed = time() . ':' . $wp_hasher->HashPassword( $key );

This fixed the issue for me, hope it helps someone else

6

2017-07-31

Nessuna delle risposteprecedenti hafunzionatoperme,quindi hoesaminato wp-login.phpper lafunzionalità di ripristinopredefinita. Hanno usato lafunzioneget_password_reset_key ($ userData). Nel casoin cui qualcuno abbiabloccato le risposte sopra,ecco lamia soluzione: -

             $userData = get_userdata($user_id);             

            $user_login = $userData->user_login;
            $user_email = $userData->user_email;
            $key = get_password_reset_key( $userData );


            $message = __('Someone requested that the password be reset for the following account:') . "\r\n\r\n";
            $message .= network_home_url( '/' ) . "\r\n\r\n";
            $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
            $message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n";
            $message .= __('To reset your password, visit the following address:') . "\r\n\r\n";
            $message .= network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login');

None of the above answer worked for me so I looked into wp-login.php for their default reset functionality. They used get_password_reset_key( $userData ) function . In case someone stuck up on above answers here's my solution :-

            $userData = get_userdata($user_id);             

            $user_login = $userData->user_login;
            $user_email = $userData->user_email;
            $key = get_password_reset_key( $userData );


            $message = __('Someone requested that the password be reset for the following account:') . "\r\n\r\n";
            $message .= network_home_url( '/' ) . "\r\n\r\n";
            $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
            $message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n";
            $message .= __('To reset your password, visit the following address:') . "\r\n\r\n";
            $message .= network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login');

4

2015-12-08

Wordpress 4.3.1

 function retrieve_password($user_login){
    global $wpdb, $wp_hasher;
    $user_login = sanitize_text_field($user_login);
    if ( empty( $user_login) ) {
        return false;
    } else if ( strpos( $user_login, '@' ) ) {
        $user_data = get_user_by( 'email', trim( $user_login ) );
        if ( empty( $user_data ) )
           return false;
    } else {
        $login = trim($user_login);
        $user_data = get_user_by('login', $login);
    }

    do_action('lostpassword_post');
    if ( !$user_data ) return false;
    // redefining user_login ensures we return the right case in the email
    $user_login = $user_data->user_login;
    $user_email = $user_data->user_email;
    do_action('retreive_password', $user_login);  // Misspelled and deprecated
    do_action('retrieve_password', $user_login);
    $allow = apply_filters('allow_password_reset', true, $user_data->ID);
    if ( ! $allow )
        return false;
    else if ( is_wp_error($allow) )
        return false;
    $key = wp_generate_password( 20, false );
    do_action( 'retrieve_password_key', $user_login, $key );

    if ( empty( $wp_hasher ) ) {
        require_once ABSPATH . 'wp-includes/class-phpass.php';
        $wp_hasher = new PasswordHash( 8, true );
    }
    $hashed = $wp_hasher->HashPassword( $key );    
    $wpdb->update( $wpdb->users, array( 'user_activation_key' => time().":".$hashed ), array( 'user_login' => $user_login ) );
    $message = __('Someone requested that the password be reset for the following account:') . "\r\n\r\n";
    $message .= network_home_url( '/' ) . "\r\n\r\n";
    $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
    $message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n";
    $message .= __('To reset your password, visit the following address:') . "\r\n\r\n";
    $message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . ">\r\n";

    if ( is_multisite() )
        $blogname = $GLOBALS['current_site']->site_name;
    else
        $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);

    $title = sprintf( __('[%s] Password Reset'), $blogname );

    $title = apply_filters('retrieve_password_title', $title);
    $message = apply_filters('retrieve_password_message', $message, $key);

    if ( $message && !wp_mail($user_email, $title, $message) )
        wp_die( __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') );

    echo '<p>Link for password reset has been emailed to you. Please check your email.</p>';;
}

Wordpress 4.3.1

function retrieve_password($user_login){
    global $wpdb, $wp_hasher;
    $user_login = sanitize_text_field($user_login);
    if ( empty( $user_login) ) {
        return false;
    } else if ( strpos( $user_login, '@' ) ) {
        $user_data = get_user_by( 'email', trim( $user_login ) );
        if ( empty( $user_data ) )
           return false;
    } else {
        $login = trim($user_login);
        $user_data = get_user_by('login', $login);
    }

    do_action('lostpassword_post');
    if ( !$user_data ) return false;
    // redefining user_login ensures we return the right case in the email
    $user_login = $user_data->user_login;
    $user_email = $user_data->user_email;
    do_action('retreive_password', $user_login);  // Misspelled and deprecated
    do_action('retrieve_password', $user_login);
    $allow = apply_filters('allow_password_reset', true, $user_data->ID);
    if ( ! $allow )
        return false;
    else if ( is_wp_error($allow) )
        return false;
    $key = wp_generate_password( 20, false );
    do_action( 'retrieve_password_key', $user_login, $key );

    if ( empty( $wp_hasher ) ) {
        require_once ABSPATH . 'wp-includes/class-phpass.php';
        $wp_hasher = new PasswordHash( 8, true );
    }
    $hashed = $wp_hasher->HashPassword( $key );    
    $wpdb->update( $wpdb->users, array( 'user_activation_key' => time().":".$hashed ), array( 'user_login' => $user_login ) );
    $message = __('Someone requested that the password be reset for the following account:') . "\r\n\r\n";
    $message .= network_home_url( '/' ) . "\r\n\r\n";
    $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
    $message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n";
    $message .= __('To reset your password, visit the following address:') . "\r\n\r\n";
    $message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . ">\r\n";

    if ( is_multisite() )
        $blogname = $GLOBALS['current_site']->site_name;
    else
        $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);

    $title = sprintf( __('[%s] Password Reset'), $blogname );

    $title = apply_filters('retrieve_password_title', $title);
    $message = apply_filters('retrieve_password_message', $message, $key);

    if ( $message && !wp_mail($user_email, $title, $message) )
        wp_die( __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') );

    echo '<p>Link for password reset has been emailed to you. Please check your email.</p>';;
}

- 1
- 2020-02-20
Poiché la soluzioneprecedentenonfunzionavaperme,ho apportatopiccolemodifiche al codice dibhavesh vala.

Sostituisci:

$key = wp_generate_password( 20, false );

Con questo:

$key = get_password_reset_key( $user_data );

Enon ènecessario utilizzare la query di aggiornamento,quindi rimuovi la query seguente:

$wpdb->update( $wpdb->users, array( 'user_activation_key' => time().":".$hashed ), array( 'user_login' => $user_login ) );

Buonaprogrammazione !!!
Since the above solution was not working for me I did a minor changes in the bhavesh vala's code.

Replace :

$key = wp_generate_password( 20, false );

With this :

$key = get_password_reset_key( $user_data );

And you don't need to use the update query, so remove the below query :

$wpdb->update( $wpdb->users, array( 'user_activation_key' => time().":".$hashed ), array( 'user_login' => $user_login ) );

Happy coding!!!

0

2015-10-23

Prova questo

 $wpdb->update( $wpdb->users, array( 'user_activation_key' => $key ), array( 'user_login' => $user_login ) );

invece di

 $wpdb->update( $wpdb->users, array( 'user_activation_key' => $hashed ), array( 'user_login' => $user_login ) );

Mi hafunzionato (wordpress 4.3.1)

Try this

$wpdb->update( $wpdb->users, array( 'user_activation_key' => $key ), array( 'user_login' => $user_login ) );

instead of

$wpdb->update( $wpdb->users, array( 'user_activation_key' => $hashed ), array( 'user_login' => $user_login ) );

It worked me (wordpress 4.3.1)

fonte
Ashok

nvartolomei · Accepted Answer · 2012-08-03

27

2012-08-03

Quindi,se vuoiinviareil linkper la reimpostazione dellapassworde hai accesso al codicebase,puoi usareil seguenteframmentoe puoimodificarlo ulteriormente,in realtà quel codice è una versione leggermentemodificata di wp-login.php

 /**
 * Gestisce l'invio die-mail di recuperopassword all'utente.
 *
 * @ utilizza l'oggetto database WordPress $ wpdb
 * @param string $ user_login Accesso utente oe-mail
 * @returnbooltruein caso di successofalsein caso dierrore
 */
funzione retrieve_password ($ user_login) {
 global $ wpdb,$ current_site;

 if (vuoto ($ user_login)) {
        returnfalse;
    }elseif (strpos ($ user_login,'@')) {
        $ user_data=get_user_by ('email',trim ($ user_login));
 if (vuoto ($ user_data))
           returnfalse;
    } altro {
        $ login=trim ($ user_login);
        $ user_data=get_user_by ('login',$ login);
    }

    do_action ('lostpassword_post');


 if (! $ user_data) restituiscefalse;

//la ridefinizione di user_logingarantisce la restituzione del caso correttonell'email
    $ user_login=$ user_data- > user_login;
    $ user_email=$ user_data- > user_email;

    do_action ('retreive_password',$ user_login);//Errori di ortografiae deprecato
    do_action ('retrieve_password',$ user_login);

    $ allow=apply_filters ('allow_password_reset',true,$ user_data- > ID);

 if (! $ allow)
        returnfalse;
    altrimentiif (is_wp_error ($ allow))
        returnfalse;

    $ key=$ wpdb- >get_var ($ wpdb- >prepare ("SELECT user_activation_key FROM $ wpdb- > users WHERE user_login=% s",$ user_login));
 if (vuoto ($ chiave)) {
//Genera qualcosa di casualeper una chiave ...
        $ chiave=wp_generate_password (20,false);
        do_action ('retrieve_password_key',$ user_login,$ key);
//Orainserisci lanuova chiavemd5nel db
        $ wpdb- > update ($ wpdb- > users,array ('user_activation_key'=> $ key),array ('user_login'=> $ user_login));
    }
    $message=__ ('Qualcuno ha richiesto la reimpostazione dellapasswordperil seguente account:'). "\ r \n \ r \n";
    $messaggio.=network_home_url ('/'). "\ r \n \ r \n";
    $messaggio.=sprintf (__ ('Username:% s'),$ user_login). "\ r \n \ r \n";
    $messaggio.=__ ('Se è stato unerrore,ignora questaemaile non succederànulla.'). "\ r \n \ r \n";
    $message.=__ ('Per reimpostare lapassword,visitail seguenteindirizzo:'). "\ r \n \ r \n";
    $messaggio.="& lt;" .network_site_url ("wp-login.php? action=rp & amp; key=$ key & amp; login=". rawurlencode ($ user_login),'login'). "> \ r \n";

 if (is_multisite ())
        $blogname=$ GLOBALS ['current_site'] - > site_name;
    altro
//L'opzioneblogname viene salvata conesc_html duranteilpercorsonel databasein sanitize_option
//vogliamoinvertire questa situazioneper l'arena deltestonormale dellee-mail.
        $blogname=wp_specialchars_decode (get_option ('blogname'),ENT_QUOTES);

    $title=sprintf (__ ('[% s] Reimpostapassword'),$blogname);

    $title=apply_filters ('retrieve_password_title',$title);
    $messaggio=filtri_applica ('retrieve_password_message',$messaggio,$ chiave);

 if ($messaggio & amp; & amp;! wp_mail ($ utente_email,$titolo,$messaggio))
        wp_die (__ ('L'e-mailnonpuòessereinviata.'). "& lt;br/> \n". __ ('Possibilemotivo:iltuo hostpotrebbe aver disabilitato lafunzionemail () ...')) ;

    restituire vero;
}

$ user_login=sanitize_text_field ($ _GET ['user_login']);

if (retrieve_password ($ user_login)) {
 echo "SUCCESS";
} altro {
 echo "ERRORE";
}

So if you want to send that the reset password link and you have access to the code base you can use the following snippet and you can modify it further, actually that code is slightly modified version of wp-login.php

/**
 * Handles sending password retrieval email to user.
 *
 * @uses $wpdb WordPress Database object
 * @param string $user_login User Login or Email
 * @return bool true on success false on error
 */
function retrieve_password($user_login) {
    global $wpdb, $current_site;

    if ( empty( $user_login) ) {
        return false;
    } else if ( strpos( $user_login, '@' ) ) {
        $user_data = get_user_by( 'email', trim( $user_login ) );
        if ( empty( $user_data ) )
           return false;
    } else {
        $login = trim($user_login);
        $user_data = get_user_by('login', $login);
    }

    do_action('lostpassword_post');


    if ( !$user_data ) return false;

    // redefining user_login ensures we return the right case in the email
    $user_login = $user_data->user_login;
    $user_email = $user_data->user_email;

    do_action('retreive_password', $user_login);  // Misspelled and deprecated
    do_action('retrieve_password', $user_login);

    $allow = apply_filters('allow_password_reset', true, $user_data->ID);

    if ( ! $allow )
        return false;
    else if ( is_wp_error($allow) )
        return false;

    $key = $wpdb->get_var($wpdb->prepare("SELECT user_activation_key FROM $wpdb->users WHERE user_login = %s", $user_login));
    if ( empty($key) ) {
        // Generate something random for a key...
        $key = wp_generate_password(20, false);
        do_action('retrieve_password_key', $user_login, $key);
        // Now insert the new md5 key into the db
        $wpdb->update($wpdb->users, array('user_activation_key' => $key), array('user_login' => $user_login));
    }
    $message = __('Someone requested that the password be reset for the following account:') . "\r\n\r\n";
    $message .= network_home_url( '/' ) . "\r\n\r\n";
    $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
    $message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n";
    $message .= __('To reset your password, visit the following address:') . "\r\n\r\n";
    $message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . ">\r\n";

    if ( is_multisite() )
        $blogname = $GLOBALS['current_site']->site_name;
    else
        // The blogname option is escaped with esc_html on the way into the database in sanitize_option
        // we want to reverse this for the plain text arena of emails.
        $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);

    $title = sprintf( __('[%s] Password Reset'), $blogname );

    $title = apply_filters('retrieve_password_title', $title);
    $message = apply_filters('retrieve_password_message', $message, $key);

    if ( $message && !wp_mail($user_email, $title, $message) )
        wp_die( __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') );

    return true;
}

$user_login = sanitize_text_field( $_GET['user_login'] );

if (retrieve_password($user_login)) {
    echo "SUCCESS";
} else {
    echo "ERROR";
}

Questononfunzionaesattamenteperme.L'hoinseritoin unplug-inpersonalizzatoe l'hoinserito sulmio sito,ma sta causando unproblemaper cui quandoinstalloilplug-ine poifaccio clic su "Logout"nonmi disconnetterà dal sito.Qualcheidea sulperché?

This isn't working for me exactly right. I've entered it into a custom plugin and put it on my site but it's causing an issue where when I install the plugin and then click 'Logout' it won't log me out of the site. Any ideas why?
- 0
- 2013-10-11
- MxmastaMills