Add new filter when retrieving password (patch included)
-
This is a great plugin, thank you…
I wanted to hook into the “lost password” functionality, and allow the user to enter a certain attribute of his account (not username/email address) and recover based on that. Theme-my-login has enough hooks to allow me to change the text labels on the forms easily, but there was no easy way I could see to convert the user’s supplied input into a (potential) login (or email address). The code directly uses $_POST[‘user_login’], giving no point at which this can be intercepted and played about with.
The easiest way to achieve this seemed to be to add a filter into retrieve_password() like so:
diff -u -N -r ../../../../theme-my-login-orig/includes/class-theme-my-login.php ./includes/class-theme-my-login.php --- ../../../../theme-my-login-orig/includes/class-theme-my-login.php 2012-10-31 19:52:17.404004630 +0300 +++ ./includes/class-theme-my-login.php 2012-11-06 20:40:54.827522573 +0300 @@ -959,14 +959,16 @@ $errors = new WP_Error(); - if ( empty( $_POST['user_login'] ) ) { + $login_key = apply_filters( 'tml_retrieval_key', $_POST['user_login'] ); + + if ( empty( $login_key ) ) { $errors->add( 'empty_username', __( '<strong>ERROR</strong>: Enter a username or e-mail address.', 'theme-my-login' ) ); - } else if ( strpos( $_POST['user_login'], '@' ) ) { - $user_data = get_user_by_email( trim( $_POST['user_login'] ) ); + } else if ( strpos( $login_key, '@' ) ) { + $user_data = get_user_by_email( trim( $login_key ) ); if ( empty( $user_data ) ) $errors->add( 'invalid_email', __( '<strong>ERROR</strong>: There is no user registered with that email address.', 'theme-my-login' ) ); } else { - $login = trim( $_POST['user_login'] ); + $login = trim( $login_key ); $user_data = get_user_by( 'login', $login ); }
I then write my code:
add_filter(‘tml_retrieval_key’, ‘my_login_convert’, 999, 1);
function my_login_convert($key) {
// Do stuff here to convert what is supplied into a username. In my case, I look up the key in a database and change that into a username.
return $key;
}It would be great if that change could be included in your next version – or something equivalent if there’s a better way.
- The topic ‘Add new filter when retrieving password (patch included)’ is closed to new replies.