/**
* Handles resetting the user's password.
*
* @since 2.5.0
*
* @param object $user The user
* @param string $new_pass New password for the user in plaintext
*/
function reset_password($user, $new_pass)
{
/**
* Fires before the user's password is reset.
*
* @since 1.5.0
*
* @param object $user The user.
* @param string $new_pass New user password.
*/
do_action('password_reset', $user, $new_pass);
wp_set_password($new_pass, $user->ID);
update_user_option($user->ID, 'default_password_nag', false, true);
wp_password_change_notification($user);
}
function reset_password($key)
{
global $wpdb, $SimpleLogin;
$key = preg_replace('/[^a-z0-9]/i', '', $key);
if (empty($key)) {
return new WP_Error('invalid_key', __('Invalid key', 'simplelogin'));
}
$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$wpdb->users} WHERE user_activation_key = %s", $key));
if (empty($user)) {
return new WP_Error('invalid_key', __('Invalid key', 'simplelogin'));
}
do_action('password_reset', $user);
// Generate something random for a password...
$new_pass = wp_generate_password();
wp_set_password($new_pass, $user->ID);
$from = $SimpleLogin->MailFrom();
$from_name = $SimpleLogin->MailFromName();
$subject = $SimpleLogin->GetOption('custom_user_pass_changed_mail_subject');
$message = $SimpleLogin->GetOption('custom_user_pass_changed_mail_message');
$replace_this = array('/%blogname%/', '/%siteurl%/', '/%user_login%/', '/%user_email%/', '/%user_pass%/', '/%user_ip%/');
$replace_with = array(get_option('blogname'), get_option('siteurl'), $user->user_login, $user->user_email, $new_pass, $_SERVER['REMOTE_ADDR']);
if (!empty($from)) {
add_filter('wp_mail_from', array(&$SimpleLogin, 'MailFrom'));
}
if (!empty($from_name)) {
add_filter('wp_mail_from_name', array(&$SimpleLogin, 'MailFromName'));
}
if (empty($subject)) {
$subject = sprintf(__('[%s] Your new password', 'simplelogin'), get_option('blogname'));
} else {
$subject = preg_replace($replace_this, $replace_with, $subject);
}
if (empty($message)) {
$message = sprintf(__('Username: %s', 'simplelogin'), $user->user_login) . "\r\n";
$message .= sprintf(__('Password: %s', 'simplelogin'), $new_pass) . "\r\n";
$message .= simplelogin_url(array('action' => 'login')) . "\r\n";
} else {
$message = preg_replace($replace_this, $replace_with, $message);
}
if (!wp_mail($user->user_email, $subject, $message)) {
die('<p>' . __('The e-mail could not be sent.', 'simplelogin') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...', 'simplelogin') . '</p>');
}
wp_password_change_notification($user);
return true;
}
/**
* Handles resetting the user's password.
*
* @param object $user The user
* @param string $new_pass New password for the user in plaintext
*/
function reset_password($user, $new_pass)
{
do_action('password_reset', $user, $new_pass);
wp_set_password($new_pass, $user->ID);
wp_password_change_notification($user);
}
/**
* Handles resetting the user's password.
*
* @access public
* @param object $user The user
* @param string $new_pass New password for the user in plaintext
* @return void
*/
public static function change_password($user, $new_pass)
{
do_action('password_reset', $user, $new_pass);
wp_set_password($new_pass, $user->ID);
if (!wpum_get_option('disable_admin_password_recovery_email')) {
wp_password_change_notification($user);
}
}
/**
* Handles resetting the user's password.
*
* @uses $wpdb WordPress Database object
*
* @param string $key Hash to validate sending user's password
* @return bool|WP_Error
*/
function reset_password($key, $login)
{
global $wpdb;
$key = preg_replace('/[^a-z0-9]/i', '', $key);
if (empty($key) || !is_string($key)) {
return new WP_Error('invalid_key', __('Invalid key'));
}
if (empty($login) || !is_string($login)) {
return new WP_Error('invalid_key', __('Invalid key'));
}
$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$wpdb->users} WHERE user_activation_key = %s AND user_login = %s", $key, $login));
if (empty($user)) {
return new WP_Error('invalid_key', __('Invalid key'));
}
// Generate something random for a password...
$new_pass = wp_generate_password();
do_action('password_reset', $user, $new_pass);
wp_set_password($new_pass, $user->ID);
update_usermeta($user->ID, 'default_password_nag', true);
//Set up the Password change nag.
$message = sprintf(__('Username: %s'), $user->user_login) . "\r\n";
$message .= sprintf(__('Password: %s'), $new_pass) . "\r\n";
$message .= site_url('wp-login.php', 'login') . "\r\n";
$title = sprintf(__('[%s] Your new password'), get_option('blogname'));
$title = apply_filters('password_reset_title', $title);
$message = apply_filters('password_reset_message', $message, $new_pass);
if ($message && !wp_mail($user->user_email, $title, $message)) {
die('<p>' . __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') . '</p>');
}
wp_password_change_notification($user);
return true;
}
/**
* Handles resetting the user's password.
*
* @param object $user The user
* @param string $new_pass New password for the user in plaintext
*/
public static function reset_password($user, $new_pass)
{
do_action('password_reset', $user, $new_pass);
wp_set_password($new_pass, $user->ID);
self::set_reset_password_cookie();
wp_password_change_notification($user);
}
/**
* Handles resetting the user's password.
*
* @uses $wpdb WordPress Database object
*
* @param string $key Hash to validate sending user's password
* @return bool|WP_Error
*/
function reset_password($key, $login) {
global $wpdb;
$key = preg_replace('/[^a-z0-9]/i', '', $key);
if ( empty( $key ) || !is_string( $key ) )
return new WP_Error('invalid_key', __('Invalid key'));
if ( empty($login) || !is_string($login) )
return new WP_Error('invalid_key', __('Invalid key'));
$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE user_activation_key = %s AND user_login = %s", $key, $login));
if ( empty( $user ) )
return new WP_Error('invalid_key', __('Invalid key'));
// Generate something random for a password...
$new_pass = wp_generate_password();
do_action('password_reset', $user, $new_pass);
wp_set_password($new_pass, $user->ID);
update_user_option($user->ID, 'default_password_nag', true, true); //Set up the Password change nag.
$message = sprintf(__('Username: %s'), $user->user_login) . "\r\n";
$message .= sprintf(__('Password: %s'), $new_pass) . "\r\n";
$message .= site_url('wp-login.php', 'login') . "\r\n";
if ( is_multisite() )
$blogname = $GLOBALS['current_site']->site_name;
else
// The blogname option is escaped with esc_html on the way into the database in sanitize_option
// we want to reverse this for the plain text arena of emails.
$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
$title = sprintf( __('[%s] Your new password'), $blogname );
$title = apply_filters('password_reset_title', $title);
$message = apply_filters('password_reset_message', $message, $new_pass);
if ( $message && !wp_mail($user->user_email, $title, $message) )
wp_die( __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') );
wp_password_change_notification($user);
return true;
}
/** FORGOT PASSWORD - AJAX - Make renew password action **/
function wps_forgot_password_renew()
{
global $wpdb;
$status = false;
$result = $form = '';
$password = !empty($_POST['pass1']) ? wpshop_tools::varSanitizer($_POST['pass1']) : null;
$confirm_password = !empty($_POST['pass2']) ? wpshop_tools::varSanitizer($_POST['pass2']) : null;
$activation_key = !empty($_POST['activation_key']) ? wpshop_tools::varSanitizer($_POST['activation_key']) : null;
$login = !empty($_POST['user_login']) ? wpshop_tools::varSanitizer($_POST['user_login']) : null;
if (!empty($password) && !empty($confirm_password) && $confirm_password == $password) {
if (!empty($activation_key) && !empty($login)) {
$existing_user = false;
$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$wpdb->users} WHERE user_activation_key = %s AND user_login = %s", $activation_key, $login));
if (empty($user)) {
$existing_user = true;
} else {
$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$wpdb->users} WHERE user_activation_key = %s AND user_email = %s", $activation_key, $login));
if (!empty($user)) {
$existing_user = true;
}
}
if ($existing_user) {
wp_set_password($password, $user->ID);
wp_password_change_notification($user);
$status = true;
$result = '<div class="wps-alert-success">' . __('Your password has been updated', 'wpshop') . '. <a href="#" id="display_connexion_form"> ' . __('Connect you', 'wpshop') . ' !</a></div>';
$form = self::get_login_form(true);
} else {
$result = '<div class=" wps-alert-error">' . __('Invalid activation key', 'wpshop') . '</div>';
}
} else {
$result = '<div class=" wps-alert-error">' . __('Invalid activation key', 'wpshop') . '</div>';
}
} else {
$result = '<div class="wps-alert-error">' . __('Password and confirmation password are differents', 'wpshop') . '</div>';
}
$response = array($status, $result, $form);
echo json_encode($response);
die;
}
/**
* Handles resetting the user's password.
*
* @param object $user The user
* @param string $new_pass New password for the user in plaintext
*/
function reset_password($user, $new_pass)
{
do_action('password_reset', $user, $new_pass);
wp_set_password($new_pass, $user->ID);
update_user_option($user->ID, 'default_password_nag', false, true);
wp_password_change_notification($user);
}
function ll_reset_psw($key, $login)
{
$user = $this->ll_check_password_reset_key($key, $login);
if (is_wp_error($user)) {
$this->ll_login_header(__('Reset Password'), '<p class="message reset-pass">' . __('Your password reset key is invalid.') . '</p>', $errors);
// ( site_url('wp-login.php?action=lostpassword&error=invalidkey') );
exit;
}
$errors = '';
if (isset($_POST['ll_reset_password']) && !wp_verify_nonce($_POST['ll_reset_password'], 'll_reset_psw')) {
$errors = new WP_Error('password_reset_auth_error', __('You are not authorized to take that action!'));
} else {
if (isset($_POST['pass1']) && $_POST['pass1'] != $_POST['pass2']) {
$errors = new WP_Error('password_reset_mismatch', __('The passwords do not match.'));
} else {
if (isset($_POST['pass1']) && !empty($_POST['pass1']) && true !== $this->ll_test_new_psw($_POST['pass1'], $login)) {
$errors = new WP_Error('password_reset_mismatch', __('You cannot reuse that password yet. Please choose a different password.'));
} else {
if (isset($_POST['pass1']) && !empty($_POST['pass1']) && ($msg = $this->ll_check_psw_strength($_POST['pass1']))) {
$errors = new WP_Error('password_policy_error', __($msg));
} elseif (isset($_POST['pass1']) && !empty($_POST['pass1'])) {
do_action('password_reset', $user, $_POST['pass1']);
wp_set_password($_POST['pass1'], $user->ID);
wp_password_change_notification($user);
delete_user_meta($user->ID, 'll_force_password_change_now');
$this->ll_login_header(__('Password Reset'), '<p class="message reset-pass">' . __('Your password has been reset.') . ' <a href="' . site_url('wp-login.php', 'login') . '">' . __('Log in') . '</a></p>');
$this->ll_login_footer();
exit;
}
}
}
}
if (isset($errors->errors['password_reset_auth_error'])) {
$msg = 'You are not authorized to take that action';
$this->ll_login_header('', '', $errors);
exit;
}
wp_enqueue_script('utils');
wp_enqueue_script('user-profile');
$msg = __('You must reset your password.') . '<br/><br/>';
if ('yes' == $this->ll_options['psw_reuse']) {
$msg .= __('You may not reuse old passwords!') . '<br/><br/>';
}
$msg .= __('Enter your new password below:');
$this->ll_login_header(__('Reset Password'), '<p class="message reset-pass ">' . $msg . '</p>', $errors);
?>
<form name="resetpassform" id="resetpassform" action="<?php
echo site_url('wp-login.php?action=resetpass&key=' . urlencode($key) . '&login='******'login_post');
?>
" method="post">
<input type="hidden" id="user_login" value="<?php
echo esc_attr($_GET['login']);
?>
" autocomplete="off" />
<?php
wp_nonce_field('ll_reset_psw', 'll_reset_password');
?>
<p>
<label><?php
_e('New password');
?>
<br />
<input type="password" name="pass1" id="pass1" class="input" size="20" value="" autocomplete="off" /></label>
</p>
<p>
<label><?php
_e('Confirm new password');
?>
<br />
<input type="password" name="pass2" id="pass2" class="input" size="20" value="" autocomplete="off" /></label>
</p>
<div id="pass-strength-result" class="hide-if-no-js"><?php
_e('Strength indicator');
?>
</div>
<p class="description indicator-hint">
<strong>
<span style="color:#cf0000">
<?php
_e('NOTE');
?>
:
</span>
<?php
_e('The password must be at least');
echo ' ' . $this->ll_options['psw_length'] . ' ';
?>
<?php
_e('characters long.');
?>
<?php
if ('high' == $this->ll_options['psw_policy']) {
_e('You must include upper and lower case letters, numbers, and symbols like ! " ? $ % ^ & ).');
} else {
if ('medium' == $this->ll_options['psw_policy']) {
_e('You must include upper and lower case letters and numbers.');
}
}
?>
</strong>
</p>
<br class="clear" />
<p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button-primary" value="<?php
esc_attr_e('Reset Password');
?>
" tabindex="100" /></p>
</form>
<p id="nav">
<a href="<?php
echo site_url('wp-login.php', 'login');
?>
"><?php
_e('Log in');
?>
</a>
<?php
if (get_option('users_can_register')) {
?>
| <a href="<?php
echo site_url('wp-login.php?action=register', 'login');
?>
"><?php
_e('Register');
?>
</a>
<?php
}
?>
</p>
<?php
$this->ll_login_footer('user_pass');
exit;
}
/**
* user forgot password and reset it
* @param Array $args
# - user_key : activation key when request pass
# - user_name : user name
# - new_password : user new password
* @return Object
* @author Dakachi
* @since 1.0.1
*/
function resetpass($args)
{
try {
if (empty($args['user_login'])) {
throw new Exception(__("Username is empty.", ET_DOMAIN));
}
if (empty($args['user_key'])) {
throw new Exception(__("Invalid Activation Key", ET_DOMAIN));
}
if (empty($args['new_password'])) {
throw new Exception(__("Please enter your new password", ET_DOMAIN));
}
$args['user_pass'] = $args['new_password'];
// validate activation key
$validate_result = $this->check_activation_key($args['user_key'], $args['user_login']);
if (is_wp_error($validate_result)) {
return $validate_result;
}
// do reset password
$user = get_user_by('login', $args['user_login']);
// set new pass
wp_set_password($args['user_pass'], $user->ID);
wp_password_change_notification($user);
return array('success' => true, 'msg' => __('Your password have updated successfull. You can login with your new password now.'));
} catch (Exception $e) {
return new WP_Error('reset_error', $e->getMessage());
}
}
/**
* Handles resetting the user's password.
*
* @param object $user The user
* @param string $new_pass New password for the user in plaintext
*/
function wpc_reset_password($user, $new_pass)
{
wp_set_password($new_pass, $user->ID);
wp_password_change_notification($user);
}
/**
* Handles resetting the user's password.
*
* @uses $wpdb WordPress Database object
*
* @param string $key Hash to validate sending user's password
* @return bool|WP_Error
*/
function reset_password($key)
{
global $wpdb, $current_site;
$key = preg_replace('/[^a-z0-9]/i', '', $key);
if (empty($key)) {
return new WP_Error('invalid_key', __('Invalid key'));
}
$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$wpdb->users} WHERE user_activation_key = %s", $key));
if (empty($user)) {
return new WP_Error('invalid_key', __('Invalid key'));
}
do_action('password_reset', $user);
// Generate something random for a password...
$new_pass = wp_generate_password();
wp_set_password($new_pass, $user->ID);
$message = sprintf(__('Username: %s'), $user->user_login) . "\r\n";
$message .= sprintf(__('Password: %s'), $new_pass) . "\r\n";
$message .= site_url('wp-login.php', 'login') . "\r\n";
if (!wp_mail($user->user_email, sprintf(__('[%s] Your new password'), $current_site->site_name), $message)) {
die('<p>' . __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') . '</p>');
}
wp_password_change_notification($user);
return true;
}
function mgm_reset_password($key, $user)
{
global $current_site;
if (isset($user->ID) && $user->ID > 0) {
$new_pass = wp_generate_password();
do_action('password_reset', $user, $new_pass);
wp_set_password($new_pass, $user->ID);
update_user_option($user->ID, 'default_password_nag', true, true);
//Set up the Password change nag.
//get custom title/messages
$title = apply_filters('password_reset_title', '');
$message = apply_filters('password_reset_message', '', $new_pass);
if ($message && !mgm_mail($user->user_email, $title, $message)) {
wp_die(__('The e-mail could not be sent.', 'mgm') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function.', 'mgm'));
}
wp_password_change_notification($user);
wp_safe_redirect(mgm_get_custom_url('login', false, array('checkemail' => 'newpass')));
exit;
}
}
