/** * Handles resetting the user's password. * * @since 2.5.0 * * @param object $user The user * @param string $new_pass New password for the user in plaintext */ function reset_password($user, $new_pass) { /** * Fires before the user's password is reset. * * @since 1.5.0 * * @param object $user The user. * @param string $new_pass New user password. */ do_action('password_reset', $user, $new_pass); wp_set_password($new_pass, $user->ID); update_user_option($user->ID, 'default_password_nag', false, true); wp_password_change_notification($user); }
function reset_password($key) { global $wpdb, $SimpleLogin; $key = preg_replace('/[^a-z0-9]/i', '', $key); if (empty($key)) { return new WP_Error('invalid_key', __('Invalid key', 'simplelogin')); } $user = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$wpdb->users} WHERE user_activation_key = %s", $key)); if (empty($user)) { return new WP_Error('invalid_key', __('Invalid key', 'simplelogin')); } do_action('password_reset', $user); // Generate something random for a password... $new_pass = wp_generate_password(); wp_set_password($new_pass, $user->ID); $from = $SimpleLogin->MailFrom(); $from_name = $SimpleLogin->MailFromName(); $subject = $SimpleLogin->GetOption('custom_user_pass_changed_mail_subject'); $message = $SimpleLogin->GetOption('custom_user_pass_changed_mail_message'); $replace_this = array('/%blogname%/', '/%siteurl%/', '/%user_login%/', '/%user_email%/', '/%user_pass%/', '/%user_ip%/'); $replace_with = array(get_option('blogname'), get_option('siteurl'), $user->user_login, $user->user_email, $new_pass, $_SERVER['REMOTE_ADDR']); if (!empty($from)) { add_filter('wp_mail_from', array(&$SimpleLogin, 'MailFrom')); } if (!empty($from_name)) { add_filter('wp_mail_from_name', array(&$SimpleLogin, 'MailFromName')); } if (empty($subject)) { $subject = sprintf(__('[%s] Your new password', 'simplelogin'), get_option('blogname')); } else { $subject = preg_replace($replace_this, $replace_with, $subject); } if (empty($message)) { $message = sprintf(__('Username: %s', 'simplelogin'), $user->user_login) . "\r\n"; $message .= sprintf(__('Password: %s', 'simplelogin'), $new_pass) . "\r\n"; $message .= simplelogin_url(array('action' => 'login')) . "\r\n"; } else { $message = preg_replace($replace_this, $replace_with, $message); } if (!wp_mail($user->user_email, $subject, $message)) { die('<p>' . __('The e-mail could not be sent.', 'simplelogin') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...', 'simplelogin') . '</p>'); } wp_password_change_notification($user); return true; }
/** * Handles resetting the user's password. * * @param object $user The user * @param string $new_pass New password for the user in plaintext */ function reset_password($user, $new_pass) { do_action('password_reset', $user, $new_pass); wp_set_password($new_pass, $user->ID); wp_password_change_notification($user); }
/** * Handles resetting the user's password. * * @access public * @param object $user The user * @param string $new_pass New password for the user in plaintext * @return void */ public static function change_password($user, $new_pass) { do_action('password_reset', $user, $new_pass); wp_set_password($new_pass, $user->ID); if (!wpum_get_option('disable_admin_password_recovery_email')) { wp_password_change_notification($user); } }
/** * Handles resetting the user's password. * * @uses $wpdb WordPress Database object * * @param string $key Hash to validate sending user's password * @return bool|WP_Error */ function reset_password($key, $login) { global $wpdb; $key = preg_replace('/[^a-z0-9]/i', '', $key); if (empty($key) || !is_string($key)) { return new WP_Error('invalid_key', __('Invalid key')); } if (empty($login) || !is_string($login)) { return new WP_Error('invalid_key', __('Invalid key')); } $user = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$wpdb->users} WHERE user_activation_key = %s AND user_login = %s", $key, $login)); if (empty($user)) { return new WP_Error('invalid_key', __('Invalid key')); } // Generate something random for a password... $new_pass = wp_generate_password(); do_action('password_reset', $user, $new_pass); wp_set_password($new_pass, $user->ID); update_usermeta($user->ID, 'default_password_nag', true); //Set up the Password change nag. $message = sprintf(__('Username: %s'), $user->user_login) . "\r\n"; $message .= sprintf(__('Password: %s'), $new_pass) . "\r\n"; $message .= site_url('wp-login.php', 'login') . "\r\n"; $title = sprintf(__('[%s] Your new password'), get_option('blogname')); $title = apply_filters('password_reset_title', $title); $message = apply_filters('password_reset_message', $message, $new_pass); if ($message && !wp_mail($user->user_email, $title, $message)) { die('<p>' . __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') . '</p>'); } wp_password_change_notification($user); return true; }
/** * Handles resetting the user's password. * * @param object $user The user * @param string $new_pass New password for the user in plaintext */ public static function reset_password($user, $new_pass) { do_action('password_reset', $user, $new_pass); wp_set_password($new_pass, $user->ID); self::set_reset_password_cookie(); wp_password_change_notification($user); }
/** * Handles resetting the user's password. * * @uses $wpdb WordPress Database object * * @param string $key Hash to validate sending user's password * @return bool|WP_Error */ function reset_password($key, $login) { global $wpdb; $key = preg_replace('/[^a-z0-9]/i', '', $key); if ( empty( $key ) || !is_string( $key ) ) return new WP_Error('invalid_key', __('Invalid key')); if ( empty($login) || !is_string($login) ) return new WP_Error('invalid_key', __('Invalid key')); $user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE user_activation_key = %s AND user_login = %s", $key, $login)); if ( empty( $user ) ) return new WP_Error('invalid_key', __('Invalid key')); // Generate something random for a password... $new_pass = wp_generate_password(); do_action('password_reset', $user, $new_pass); wp_set_password($new_pass, $user->ID); update_user_option($user->ID, 'default_password_nag', true, true); //Set up the Password change nag. $message = sprintf(__('Username: %s'), $user->user_login) . "\r\n"; $message .= sprintf(__('Password: %s'), $new_pass) . "\r\n"; $message .= site_url('wp-login.php', 'login') . "\r\n"; if ( is_multisite() ) $blogname = $GLOBALS['current_site']->site_name; else // The blogname option is escaped with esc_html on the way into the database in sanitize_option // we want to reverse this for the plain text arena of emails. $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES); $title = sprintf( __('[%s] Your new password'), $blogname ); $title = apply_filters('password_reset_title', $title); $message = apply_filters('password_reset_message', $message, $new_pass); if ( $message && !wp_mail($user->user_email, $title, $message) ) wp_die( __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') ); wp_password_change_notification($user); return true; }
/** FORGOT PASSWORD - AJAX - Make renew password action **/ function wps_forgot_password_renew() { global $wpdb; $status = false; $result = $form = ''; $password = !empty($_POST['pass1']) ? wpshop_tools::varSanitizer($_POST['pass1']) : null; $confirm_password = !empty($_POST['pass2']) ? wpshop_tools::varSanitizer($_POST['pass2']) : null; $activation_key = !empty($_POST['activation_key']) ? wpshop_tools::varSanitizer($_POST['activation_key']) : null; $login = !empty($_POST['user_login']) ? wpshop_tools::varSanitizer($_POST['user_login']) : null; if (!empty($password) && !empty($confirm_password) && $confirm_password == $password) { if (!empty($activation_key) && !empty($login)) { $existing_user = false; $user = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$wpdb->users} WHERE user_activation_key = %s AND user_login = %s", $activation_key, $login)); if (empty($user)) { $existing_user = true; } else { $user = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$wpdb->users} WHERE user_activation_key = %s AND user_email = %s", $activation_key, $login)); if (!empty($user)) { $existing_user = true; } } if ($existing_user) { wp_set_password($password, $user->ID); wp_password_change_notification($user); $status = true; $result = '<div class="wps-alert-success">' . __('Your password has been updated', 'wpshop') . '. <a href="#" id="display_connexion_form"> ' . __('Connect you', 'wpshop') . ' !</a></div>'; $form = self::get_login_form(true); } else { $result = '<div class=" wps-alert-error">' . __('Invalid activation key', 'wpshop') . '</div>'; } } else { $result = '<div class=" wps-alert-error">' . __('Invalid activation key', 'wpshop') . '</div>'; } } else { $result = '<div class="wps-alert-error">' . __('Password and confirmation password are differents', 'wpshop') . '</div>'; } $response = array($status, $result, $form); echo json_encode($response); die; }
/** * Handles resetting the user's password. * * @param object $user The user * @param string $new_pass New password for the user in plaintext */ function reset_password($user, $new_pass) { do_action('password_reset', $user, $new_pass); wp_set_password($new_pass, $user->ID); update_user_option($user->ID, 'default_password_nag', false, true); wp_password_change_notification($user); }
function ll_reset_psw($key, $login) { $user = $this->ll_check_password_reset_key($key, $login); if (is_wp_error($user)) { $this->ll_login_header(__('Reset Password'), '<p class="message reset-pass">' . __('Your password reset key is invalid.') . '</p>', $errors); // ( site_url('wp-login.php?action=lostpassword&error=invalidkey') ); exit; } $errors = ''; if (isset($_POST['ll_reset_password']) && !wp_verify_nonce($_POST['ll_reset_password'], 'll_reset_psw')) { $errors = new WP_Error('password_reset_auth_error', __('You are not authorized to take that action!')); } else { if (isset($_POST['pass1']) && $_POST['pass1'] != $_POST['pass2']) { $errors = new WP_Error('password_reset_mismatch', __('The passwords do not match.')); } else { if (isset($_POST['pass1']) && !empty($_POST['pass1']) && true !== $this->ll_test_new_psw($_POST['pass1'], $login)) { $errors = new WP_Error('password_reset_mismatch', __('You cannot reuse that password yet. Please choose a different password.')); } else { if (isset($_POST['pass1']) && !empty($_POST['pass1']) && ($msg = $this->ll_check_psw_strength($_POST['pass1']))) { $errors = new WP_Error('password_policy_error', __($msg)); } elseif (isset($_POST['pass1']) && !empty($_POST['pass1'])) { do_action('password_reset', $user, $_POST['pass1']); wp_set_password($_POST['pass1'], $user->ID); wp_password_change_notification($user); delete_user_meta($user->ID, 'll_force_password_change_now'); $this->ll_login_header(__('Password Reset'), '<p class="message reset-pass">' . __('Your password has been reset.') . ' <a href="' . site_url('wp-login.php', 'login') . '">' . __('Log in') . '</a></p>'); $this->ll_login_footer(); exit; } } } } if (isset($errors->errors['password_reset_auth_error'])) { $msg = 'You are not authorized to take that action'; $this->ll_login_header('', '', $errors); exit; } wp_enqueue_script('utils'); wp_enqueue_script('user-profile'); $msg = __('You must reset your password.') . '<br/><br/>'; if ('yes' == $this->ll_options['psw_reuse']) { $msg .= __('You may not reuse old passwords!') . '<br/><br/>'; } $msg .= __('Enter your new password below:'); $this->ll_login_header(__('Reset Password'), '<p class="message reset-pass ">' . $msg . '</p>', $errors); ?> <form name="resetpassform" id="resetpassform" action="<?php echo site_url('wp-login.php?action=resetpass&key=' . urlencode($key) . '&login='******'login_post'); ?> " method="post"> <input type="hidden" id="user_login" value="<?php echo esc_attr($_GET['login']); ?> " autocomplete="off" /> <?php wp_nonce_field('ll_reset_psw', 'll_reset_password'); ?> <p> <label><?php _e('New password'); ?> <br /> <input type="password" name="pass1" id="pass1" class="input" size="20" value="" autocomplete="off" /></label> </p> <p> <label><?php _e('Confirm new password'); ?> <br /> <input type="password" name="pass2" id="pass2" class="input" size="20" value="" autocomplete="off" /></label> </p> <div id="pass-strength-result" class="hide-if-no-js"><?php _e('Strength indicator'); ?> </div> <p class="description indicator-hint"> <strong> <span style="color:#cf0000"> <?php _e('NOTE'); ?> : </span> <?php _e('The password must be at least'); echo ' ' . $this->ll_options['psw_length'] . ' '; ?> <?php _e('characters long.'); ?> <?php if ('high' == $this->ll_options['psw_policy']) { _e('You must include upper and lower case letters, numbers, and symbols like ! " ? $ % ^ & ).'); } else { if ('medium' == $this->ll_options['psw_policy']) { _e('You must include upper and lower case letters and numbers.'); } } ?> </strong> </p> <br class="clear" /> <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button-primary" value="<?php esc_attr_e('Reset Password'); ?> " tabindex="100" /></p> </form> <p id="nav"> <a href="<?php echo site_url('wp-login.php', 'login'); ?> "><?php _e('Log in'); ?> </a> <?php if (get_option('users_can_register')) { ?> | <a href="<?php echo site_url('wp-login.php?action=register', 'login'); ?> "><?php _e('Register'); ?> </a> <?php } ?> </p> <?php $this->ll_login_footer('user_pass'); exit; }
/** * user forgot password and reset it * @param Array $args # - user_key : activation key when request pass # - user_name : user name # - new_password : user new password * @return Object * @author Dakachi * @since 1.0.1 */ function resetpass($args) { try { if (empty($args['user_login'])) { throw new Exception(__("Username is empty.", ET_DOMAIN)); } if (empty($args['user_key'])) { throw new Exception(__("Invalid Activation Key", ET_DOMAIN)); } if (empty($args['new_password'])) { throw new Exception(__("Please enter your new password", ET_DOMAIN)); } $args['user_pass'] = $args['new_password']; // validate activation key $validate_result = $this->check_activation_key($args['user_key'], $args['user_login']); if (is_wp_error($validate_result)) { return $validate_result; } // do reset password $user = get_user_by('login', $args['user_login']); // set new pass wp_set_password($args['user_pass'], $user->ID); wp_password_change_notification($user); return array('success' => true, 'msg' => __('Your password have updated successfull. You can login with your new password now.')); } catch (Exception $e) { return new WP_Error('reset_error', $e->getMessage()); } }
/** * Handles resetting the user's password. * * @param object $user The user * @param string $new_pass New password for the user in plaintext */ function wpc_reset_password($user, $new_pass) { wp_set_password($new_pass, $user->ID); wp_password_change_notification($user); }
/** * Handles resetting the user's password. * * @uses $wpdb WordPress Database object * * @param string $key Hash to validate sending user's password * @return bool|WP_Error */ function reset_password($key) { global $wpdb, $current_site; $key = preg_replace('/[^a-z0-9]/i', '', $key); if (empty($key)) { return new WP_Error('invalid_key', __('Invalid key')); } $user = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$wpdb->users} WHERE user_activation_key = %s", $key)); if (empty($user)) { return new WP_Error('invalid_key', __('Invalid key')); } do_action('password_reset', $user); // Generate something random for a password... $new_pass = wp_generate_password(); wp_set_password($new_pass, $user->ID); $message = sprintf(__('Username: %s'), $user->user_login) . "\r\n"; $message .= sprintf(__('Password: %s'), $new_pass) . "\r\n"; $message .= site_url('wp-login.php', 'login') . "\r\n"; if (!wp_mail($user->user_email, sprintf(__('[%s] Your new password'), $current_site->site_name), $message)) { die('<p>' . __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') . '</p>'); } wp_password_change_notification($user); return true; }
function mgm_reset_password($key, $user) { global $current_site; if (isset($user->ID) && $user->ID > 0) { $new_pass = wp_generate_password(); do_action('password_reset', $user, $new_pass); wp_set_password($new_pass, $user->ID); update_user_option($user->ID, 'default_password_nag', true, true); //Set up the Password change nag. //get custom title/messages $title = apply_filters('password_reset_title', ''); $message = apply_filters('password_reset_message', '', $new_pass); if ($message && !mgm_mail($user->user_email, $title, $message)) { wp_die(__('The e-mail could not be sent.', 'mgm') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function.', 'mgm')); } wp_password_change_notification($user); wp_safe_redirect(mgm_get_custom_url('login', false, array('checkemail' => 'newpass'))); exit; } }