WordPress.org

Ready to get started?Download WordPress

Forums

Theme My Login
[closed] Lost password not working (22 posts)

  1. Psychu
    Member
    Posted 7 months ago #

    When I'm using TML – I get links [still this same]
    /resetpass/?key=%24P%24BTUgIuyL3EavV7zaAPJK2wzadgn80e%2F&login=

    When I turn off plugin i get different link:
    /wp-login.php?action=rp&key=Vduj7RK7r8YG4Koyy4fs&login=

    When I was changed theme it was still this same.

    http://wordpress.org/plugins/theme-my-login/

  2. jkhongusc
    Member
    Posted 6 months ago #

    We have the same problem. Lost Password is not working. We have a newly installed WP 3.8.1 multisite installation with TML.

    I had to hack TML to get Lost Password to work. IMO, the procedure to retrieve/update the user_activation_key must have changed in a previous version of WP but TML did not update their code base; hence Lost Password functionality is broken.

    I had to modify about 10 lines in theme-my-login/includes/class-theme-my-login.php.

  3. am3n
    Member
    Posted 6 months ago #

    can you please share your 10 lines code here so the developer can fix it right away on next release?

  4. jkhongusc
    Member
    Posted 6 months ago #

    Here are the changes I made to get TML Lost Password to work with WP 3.8.1.

    Disclaimer: My changes only work with WP 3.8. If you apply these changes on an earlier WP version, you may break the Lost Password functionality.

    theme-my-login/includes/class-theme-my-login.php
    line 308

    - $user = self::check_password_reset_key( $_REQUEST['key'], $_REQUEST['login'] );
    + $user = check_password_reset_key( $_REQUEST['key'], $_REQUEST['login'] );

    line 1042

    + $key = '';

    line 1047

    - $wpdb->update( $wpdb->users, array( 'user_activation_key' => $key ), array( 'user_login' => $user_login ) );
    + if ( empty( $wp_hasher ) ) {
    +     require_once ABSPATH . 'wp-includes/class-phpass.php';
    +     $wp_hasher = new PasswordHash( 8, true );
    + }
    + $hashed = $wp_hasher->HashPassword( $key );
    + $wpdb->update( $wpdb->users, array( 'user_activation_key' => $hashed ), array( 'user_login' => $user_login ) );
  5. jtm12
    Member
    Posted 6 months ago #

    First, let me say a big thank you.

    I can do a little bit of PHP coding but I wouldn't have figured this out.

    I wanted to ask you if you could expand on what to do with line 1042. I actually already have code on that line. Lines 1041 to 1043 are as follows (I checked that I hadn't accidentally deleted a line of code and thrown off the numbering. This is how my document opens):

    `$key = $wpdb->get_var( $wpdb->prepare( "SELECT user_activation_key FROM $wpdb->users WHERE user_login = %s", $user_login ) );
    if ( empty( $key ) ) {
    // Generate something random for a key...`

    Where would I put your code?

    Again, a big thank you.

  6. jtm12
    Member
    Posted 6 months ago #

    Oh, I forgot to answer your question. Yes, we are using 3.8.1. Upgrading to this WordPress version appears to have triggered the problem.

  7. jkhongusc
    Member
    Posted 6 months ago #

    Sorry Line #1042 is confusing but was the minimal amount of change. The code should look like this:

    $key = $wpdb->get_var( $wpdb->prepare( "SELECT user_activation_key FROM $wpdb->users WHERE user_login = %s", $user_login ) );
    $key = '';
    if ( empty( $key ) ) {
    // Generate something random for a key...

    My addition is in the middle, which essentially makes key empty.

  8. jkhongusc
    Member
    Posted 6 months ago #

    duplicate post

  9. jtm12
    Member
    Posted 6 months ago #

    It probably wasn't confusing to others.

    Thank you for walking me through that.

    It all worked perfectly.

    I am so impressed.

    Thank you.

  10. onakublogger
    Member
    Posted 6 months ago #

    @jkhongusc .. I tried to follow your directions (I am a PHP neophyte) when I look at the line numbers for the class-theme-my-login.php file, they do not have the same code as you mention here on your post. What am I missing? I have the correct file open, I know that much. I can find these lines of code:
    - $user = self::check_password_reset_key( $_REQUEST['key'], $_REQUEST['login'] );
    + $user = check_password_reset_key( $_REQUEST['key'], $_REQUEST['login'] );

    but on different line numbers..

    This line: (which is apparently supposed to be 1042)
    + $key = '';

    is not in the php file at all after doing a search for it. Any suggestions?

  11. jkhongusc
    Member
    Posted 6 months ago #

    onakublogger:
    - means remove that line of code
    + means to add a new line

    line #1042 is a new line of code which you need to add; so you cannot find it in the file. I posted above what the line #1042 looks like when you add it to the file.

  12. Alex-VP
    Member
    Posted 6 months ago #

    After changes in this file
    theme-my-login/includes/class-theme-my-login.php.
    The form "Set password" is appeared but password not changed.
    I'am set up new password and after entering this new password plugin tels me next:
    Error: Entered (new) password for user.. is wrong!

  13. Kraha
    Member
    Posted 6 months ago #

    still not working... make changes like you said and just taking a mail, but its not give new password or code to change it.

  14. Kraha
    Member
    Posted 6 months ago #

    Also change line #1060 to:
    $message .= network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . "\r\n";

    and it should working, if still not make this same with wp-login.php at line #364:
    $message .= network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . "\r\n";

    Tell me if it helps anyone?

  15. mavuus
    Member
    Posted 5 months ago #

    Excuse me Kraha,

    Do you mean wp-login.php, the core file?... I tried jkhongusc's code, but nothing happened... So I tried your solution. Nonetheless, I woud rather not touch core files...

    Thanks to everybody!!!

  16. mavuus
    Member
    Posted 5 months ago #

    I mean, I only modified 1060 line with no results.

  17. dohare
    Member
    Posted 5 months ago #

    Hi

    Would anyone be able to help me with this as I've upgraded to WP. 3.8.1 and despite trying to follow the great help above, I still cannot get this to work. I need it done quite urgently. If interested in the work please email: nbrowne1999@hotmail.co.uk so we can discuss a fee.

    Thanks!

  18. mavuus
    Member
    Posted 5 months ago #

    I haven't found a solution yet. If I find something I let all you know :)

  19. jtm12
    Member
    Posted 5 months ago #

    I just wanted to jump in here and mention that jkhongusc's coding did work for my site (and his, I'm assuming).

    I am able to reset passwords and then log in.

    So some other factor is also at work for those whose sites weren't helped by this coding change.

  20. mavuus
    Member
    Posted 5 months ago #

    Ok,

    I have WordPress update but Theme my login wasn't updated. So I updated my plugin, I followed jkhongusc's coding and... nothing change, but I remember in functions.php I redirect after reset password page, so I delete this last code and everything worked fine.

    So thanks a lot jkhongusc !!!

    Maybe someone have the same issue, so check plugin version and your functions.php or other modifications that could affect your plugin.

  21. nick1900
    Member
    Posted 3 months ago #

    I just did a fresh install of 3.9 and TML and I'm getting the invalid key on a password reset. The strange thing is that the user does receive the email and the reset works but this message is a bit annoying.

    Is there a conclusive fix for this issue?

  22. georgealexander151
    Member
    Posted 3 months ago #

    I have changed the code like above and I am getting the same errors as nick1900 on 3.9. Lost password will not work no matter what I do.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic