Ask your WordPress questions! Pay money and get answers fast! (more info)

add_filter retrieve_password_message reset link broken WordPress

  • SOLVED

I've just done an update to my wordpress multisite and I am now running the latest wordpress version 3.7.1

Since doing this update, my custom email for password reset has now broken.

Please see code below...


add_filter ("retrieve_password_message", "my_awesome_retrieve_password_message", 10, 2 );
function my_awesome_retrieve_password_message($content, $key) {

global $wpdb;
$user_login = $wpdb->get_var("SELECT user_login FROM $wpdb->users WHERE user_activation_key = '$key'");
$user = get_user_by('login', $user_login);

?>

Reset Password

Hello <?php echo $user->first_name; ?>

<?php echo wp_login_url('url'); ?>?action=rp&amp;key=<?php echo $key; ?>&amp;login=<?php echo $user_login; ?>

<?php } ?>



Luckily my key still works, but the <strong>$user_login</strong> no longer work anymore!

So the link which is outputted is this...

<strong>http://mywebsite.com/wp-login.php?redirect_to=url?action=rp&key=FnLN8NpKZWFpjd1GTho3&login=
</strong>

As you can see it is just missing the user login from the end of the link. This is obviously <strong>$user</strong> variable to break to.

Can anyone help me fix <strong>$user_login</strong> please? As it's only since the update which as caused this issue.

Thanks

Answers (4)

2013-12-11

Dbranes answers:

I'm not sure you can use <strong>$key</strong> to find the corresponding <strong>user_activation_key </strong>in the database table, because each time you go for a password reset, <strong>user_activation_key</strong> is updated with the <strong>$hashed</strong> version of the <strong>$key</strong>.

You can try to use <strong>$_POST['user_login']</strong> instead to find the correct user.

So you have to determine if it's an <em>email </em>or a <em>username</em>.


Josh Cranwell comments:

I'm not sure I follow?

Is the user login I need.


Dbranes comments:

You can try this (untested):

function my_awesome_retrieve_password_message( $content, $key )
{
$input = filter_input( INPUT_POST, 'user_login', FILTER_SANITIZE_STRING );

if( is_email( $input ) )
{
$user = get_user_by( 'email', $user_login );
}
else
{
$user = get_user_by( 'login', sanitize_user( $input ) );
}

$content = 'Reset Password';
$content .= PHPEOL;
$content .= sprintf( 'Hello %s', $user->first_name );
$content .= PHPEOL;
$content .= sprintf( '%s?action=rp&amp;key=%s&amp;login=%s', wp_login_url('url'), $key, $input );
$content .= PHPEOL;

return $content;
}
add_filter ( 'retrieve_password_message', 'my_awesome_retrieve_password_message', 10, 2 );


ps: I'm still confused abouth $hash versus $key ;-)


Josh Cranwell comments:

Ah sweet the reset link is finally working, but the $user->first_name is still not working... see my code below...


add_filter ("retrieve_password_message", "my_awesome_retrieve_password_message", 10, 2 );
function my_awesome_retrieve_password_message($content, $key) {

$input = filter_input( INPUT_POST, 'user_login', FILTER_SANITIZE_STRING );

if( is_email( $input ) )
{
$user = get_user_by( 'email', $user_login );
}
else
{
$user = get_user_by( 'login', sanitize_user( $input ) );
}

ob_start();
$email_subject = my_awesome_retrieve_password_title();
include("email_header.php");
?>

Create Password

<h1><?php echo sprintf( 'Hello %s', $user->first_name ); ?>,</h1>

<p>You have requested to create a password</p>

<p><a href="<?php echo sprintf( '%s?action=rp&amp;key=%s&amp;login=%s', wp_login_url('url'), $key, $input ); ?>" title="Click here" target="_blank">Reset password now</a></p>

<?php
include("email_footer.php");
$message = ob_get_contents();
ob_end_clean();
return $message;
}



Can you help fix the <strong>$user </strong>variable?


Thanks


Dbranes comments:

ok great, what about $user->display_name instead ?


Josh Cranwell comments:

Wooooo - figured it out, changed this line...

$user = get_user_by( 'email', $user_login );

to

$user = get_user_by( 'email', $input );


And it now works and the reset link still works :-)


Thanks a lot for your help again!

2013-12-11

Arnav Joy answers:

try this


<?php
add_filter ("retrieve_password_message", "my_awesome_retrieve_password_message", 10, 2 );

function my_awesome_retrieve_password_message($content, $key) {



global $wpdb;

$user_login = $wpdb->get_var("SELECT ID,user_login FROM $wpdb->users WHERE user_activation_key = '$key'");

$user = get_user_by('login', $user_login);

$user_info = get_userdata($user->ID);

?>



Reset Password



Hello <?php echo $user->first_name; ?>



<?php echo wp_login_url('url'); ?>?action=rp&amp;key=<?php echo $key; ?>&amp;login=<?php echo $user_info->user_login; ?>



<?php } ?>


Josh Cranwell comments:

Thanks but remember the user is not logged in when resetting their password so this does not work.

The only thing to cross reference the user is the user_activation_key


Thanks


Arnav Joy comments:

Have you tried that?


Josh Cranwell comments:

Yeah i did it did not work :-(

2013-12-11

Ryan S answers:

Can you var_dump( $user_login ); and see what you got?


Josh Cranwell comments:

Think I've nearly solved the problem thanks

2013-12-11

Bob answers:

When I tested your code in localhost it gives me user_login information properly

Reset Password Hello Fname http://localhost/sites/test/wp-login.php?redirect_to=url?action=rp&key=LT7xSsm3RU3LZkdqv3uV&login=admin

Do you have installed any other plugin which might affect your filter?

Try by changing priority parameter of add_filter function to some high value.


Bob comments:

When I tested your code in localhost it gives me user_login information properly

Reset Password Hello Fname http://localhost/sites/test/wp-login.php?redirect_to=url?action=rp&key=LT7xSsm3RU3LZkdqv3uV&login=admin

Do you have installed any other plugin which might affect your filter?

Try by changing priority parameter of add_filter function to some high value.


Josh Cranwell comments:

See I'm pretty sure wordpress have changed something in the core becuase this worked for me too. But now I am running the latest wordpress it does not work like it used too.

Are you using the latest wordpress? Also have not added any new plugins or functions. Only have like 6 plugins installed.