} if (strlen($_POST['pass1']) < 6) { $errors->add('password_reset_mismatch2', '密码至少6位。'); } /** * Fires before the password reset procedure is validated. * * @since 3.5.0 * * @param object $errors WP Error object. * @param WP_User|WP_Error $user WP_User object if the login and reset key match. WP_Error object otherwise. */ do_action('validate_password_reset', $errors, $user); if (!$errors->get_error_code() && isset($_POST['pass1']) && !empty($_POST['pass1'])) { reset_password($user, $_POST['pass1']); wp_redirect(mo_get_user_rp() . '?action=success'); exit; } // wp_enqueue_script('utils'); // wp_enqueue_script('user-profile'); $classactive2 = ' class="active"'; break; case 'success': $classactive3 = ' class="active"'; break; } ?> <section class="container"> <div class="content-wrap"> <div class="content resetpass"> <h1 class="hide"><?php
www: '<?php echo home_url(); ?> ', uri: '<?php echo get_stylesheet_directory_uri(); ?> ', ver: '<?php echo THEME_VERSION; ?> ', roll: <?php echo $roll; ?> , ajaxpager: '<?php echo _wedn_option("ajaxpager"); ?> ', url_rp: '<?php echo mo_get_user_rp(); ?> ' }; </script> <?php wp_footer(); ?> </body> </html>
function retrieve_password() { global $wpdb, $wp_hasher; $errors = new WP_Error(); if (empty($_POST['user_login'])) { $errors->add('empty_username', __('<strong>ERROR</strong>: Enter a username or e-mail address.')); } else { if (strpos($_POST['user_login'], '@')) { $user_data = get_user_by('email', trim($_POST['user_login'])); if (empty($user_data)) { $errors->add('invalid_email', __('<strong>ERROR</strong>: There is no user registered with that email address.')); } } else { $login = trim($_POST['user_login']); $user_data = get_user_by('login', $login); } } /** * Fires before errors are returned from a password reset request. * * @since 2.1.0 */ do_action('lostpassword_post'); if ($errors->get_error_code()) { return $errors; } if (!$user_data) { $errors->add('invalidcombo', __('<strong>ERROR</strong>: Invalid username or e-mail.')); return $errors; } // redefining user_login ensures we return the right case in the email $user_login = $user_data->user_login; $user_email = $user_data->user_email; /** * Fires before a new password is retrieved. * * @since 1.5.0 * @deprecated 1.5.1 Misspelled. Use 'retrieve_password' hook instead. * * @param string $user_login The user login name. */ do_action('retreive_password', $user_login); /** * Fires before a new password is retrieved. * * @since 1.5.1 * * @param string $user_login The user login name. */ do_action('retrieve_password', $user_login); /** * Filter whether to allow a password to be reset. * * @since 2.7.0 * * @param bool true Whether to allow the password to be reset. Default true. * @param int $user_data->ID The ID of the user attempting to reset a password. */ $allow = apply_filters('allow_password_reset', true, $user_data->ID); if (!$allow) { return new WP_Error('no_password_reset', __('Password reset is not allowed for this user')); } else { if (is_wp_error($allow)) { return $allow; } } // Generate something random for a password reset key. $key = wp_generate_password(20, false); /** * Fires when a password reset key is generated. * * @since 2.5.0 * * @param string $user_login The username for the user. * @param string $key The generated password reset key. */ do_action('retrieve_password_key', $user_login, $key); // Now insert the key, hashed, into the DB. if (empty($wp_hasher)) { require_once ABSPATH . 'wp-includes/class-phpass.php'; $wp_hasher = new PasswordHash(8, true); } $hashed = $wp_hasher->HashPassword($key); $wpdb->update($wpdb->users, array('user_activation_key' => $hashed), array('user_login' => $user_login)); $message = __('Someone requested that the password be reset for the following account:') . "\r\n\r\n"; $message .= network_home_url('/') . "\r\n\r\n"; $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n"; $message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n"; $message .= __('To reset your password, visit the following address:') . "\r\n\r\n"; $message .= network_site_url(mo_get_user_rp() . "?action=resetpass&key={$key}&login="******"<br />\n" . __('Possible reason: your host may have disabled the mail() function.')); } return true; }