I've just done an update to my wordpress multisite and I am now running the latest wordpress version 3.7.1
Since doing this update, my custom email for password reset has now broken.
Please see code below...
add_filter ("retrieve_password_message", "my_awesome_retrieve_password_message", 10, 2 );
function my_awesome_retrieve_password_message($content, $key) {
global $wpdb;
$user_login = $wpdb->get_var("SELECT user_login FROM $wpdb->users WHERE user_activation_key = '$key'");
$user = get_user_by('login', $user_login);
?>
Reset Password
Hello <?php echo $user->first_name; ?>
<?php echo wp_login_url('url'); ?>?action=rp&key=<?php echo $key; ?>&login=<?php echo $user_login; ?>
<?php } ?>
Luckily my key still works, but the <strong>$user_login</strong> no longer work anymore!
So the link which is outputted is this...
<strong>http://mywebsite.com/wp-login.php?redirect_to=url?action=rp&key=FnLN8NpKZWFpjd1GTho3&login=
</strong>
As you can see it is just missing the user login from the end of the link. This is obviously <strong>$user</strong> variable to break to.
Can anyone help me fix <strong>$user_login</strong> please? As it's only since the update which as caused this issue.
Thanks
Dbranes answers:
I'm not sure you can use <strong>$key</strong> to find the corresponding <strong>user_activation_key </strong>in the database table, because each time you go for a password reset, <strong>user_activation_key</strong> is updated with the <strong>$hashed</strong> version of the <strong>$key</strong>.
You can try to use <strong>$_POST['user_login']</strong> instead to find the correct user.
So you have to determine if it's an <em>email </em>or a <em>username</em>.
Josh Cranwell comments:
I'm not sure I follow?
Is the user login I need.
Dbranes comments:
You can try this (untested):
function my_awesome_retrieve_password_message( $content, $key )
{
$input = filter_input( INPUT_POST, 'user_login', FILTER_SANITIZE_STRING );
if( is_email( $input ) )
{
$user = get_user_by( 'email', $user_login );
}
else
{
$user = get_user_by( 'login', sanitize_user( $input ) );
}
$content = 'Reset Password';
$content .= PHPEOL;
$content .= sprintf( 'Hello %s', $user->first_name );
$content .= PHPEOL;
$content .= sprintf( '%s?action=rp&key=%s&login=%s', wp_login_url('url'), $key, $input );
$content .= PHPEOL;
return $content;
}
add_filter ( 'retrieve_password_message', 'my_awesome_retrieve_password_message', 10, 2 );
ps: I'm still confused abouth $hash versus $key ;-)
Josh Cranwell comments:
Ah sweet the reset link is finally working, but the $user->first_name is still not working... see my code below...
add_filter ("retrieve_password_message", "my_awesome_retrieve_password_message", 10, 2 );
function my_awesome_retrieve_password_message($content, $key) {
$input = filter_input( INPUT_POST, 'user_login', FILTER_SANITIZE_STRING );
if( is_email( $input ) )
{
$user = get_user_by( 'email', $user_login );
}
else
{
$user = get_user_by( 'login', sanitize_user( $input ) );
}
ob_start();
$email_subject = my_awesome_retrieve_password_title();
include("email_header.php");
?>
Create Password
<h1><?php echo sprintf( 'Hello %s', $user->first_name ); ?>,</h1>
<p>You have requested to create a password</p>
<p><a href="<?php echo sprintf( '%s?action=rp&key=%s&login=%s', wp_login_url('url'), $key, $input ); ?>" title="Click here" target="_blank">Reset password now</a></p>
<?php
include("email_footer.php");
$message = ob_get_contents();
ob_end_clean();
return $message;
}
Can you help fix the <strong>$user </strong>variable?
Thanks
Dbranes comments:
ok great, what about $user->display_name instead ?
Josh Cranwell comments:
Wooooo - figured it out, changed this line...
$user = get_user_by( 'email', $user_login );
to
$user = get_user_by( 'email', $input );
And it now works and the reset link still works :-)
Thanks a lot for your help again!
Arnav Joy answers:
try this
<?php
add_filter ("retrieve_password_message", "my_awesome_retrieve_password_message", 10, 2 );
function my_awesome_retrieve_password_message($content, $key) {
global $wpdb;
$user_login = $wpdb->get_var("SELECT ID,user_login FROM $wpdb->users WHERE user_activation_key = '$key'");
$user = get_user_by('login', $user_login);
$user_info = get_userdata($user->ID);
?>
Reset Password
Hello <?php echo $user->first_name; ?>
<?php echo wp_login_url('url'); ?>?action=rp&key=<?php echo $key; ?>&login=<?php echo $user_info->user_login; ?>
<?php } ?>
Josh Cranwell comments:
Thanks but remember the user is not logged in when resetting their password so this does not work.
The only thing to cross reference the user is the user_activation_key
Thanks
Arnav Joy comments:
Have you tried that?
Josh Cranwell comments:
Yeah i did it did not work :-(
Ryan S answers:
Can you var_dump( $user_login ); and see what you got?
Josh Cranwell comments:
Think I've nearly solved the problem thanks
Bob answers:
When I tested your code in localhost it gives me user_login information properly
Reset Password Hello Fname http://localhost/sites/test/wp-login.php?redirect_to=url?action=rp&key=LT7xSsm3RU3LZkdqv3uV&login=admin
Do you have installed any other plugin which might affect your filter?
Try by changing priority parameter of add_filter function to some high value.
Bob comments:
When I tested your code in localhost it gives me user_login information properly
Reset Password Hello Fname http://localhost/sites/test/wp-login.php?redirect_to=url?action=rp&key=LT7xSsm3RU3LZkdqv3uV&login=admin
Do you have installed any other plugin which might affect your filter?
Try by changing priority parameter of add_filter function to some high value.
Josh Cranwell comments:
See I'm pretty sure wordpress have changed something in the core becuase this worked for me too. But now I am running the latest wordpress it does not work like it used too.
Are you using the latest wordpress? Also have not added any new plugins or functions. Only have like 6 plugins installed.