WordPress.org

Forums

Theme My Login
[closed] Lost password not working (22 posts)

  1. Psychu
    Member
    Posted 1 year ago #

    When I'm using TML – I get links [still this same]
    /resetpass/?key=%24P%24BTUgIuyL3EavV7zaAPJK2wzadgn80e%2F&login=

    When I turn off plugin i get different link:
    /wp-login.php?action=rp&key=Vduj7RK7r8YG4Koyy4fs&login=

    When I was changed theme it was still this same.

    http://wordpress.org/plugins/theme-my-login/

  2. jkhongusc
    Member
    Posted 1 year ago #

    We have the same problem. Lost Password is not working. We have a newly installed WP 3.8.1 multisite installation with TML.

    I had to hack TML to get Lost Password to work. IMO, the procedure to retrieve/update the user_activation_key must have changed in a previous version of WP but TML did not update their code base; hence Lost Password functionality is broken.

    I had to modify about 10 lines in theme-my-login/includes/class-theme-my-login.php.

  3. am3n
    Member
    Posted 1 year ago #

    can you please share your 10 lines code here so the developer can fix it right away on next release?

  4. jkhongusc
    Member
    Posted 1 year ago #

    Here are the changes I made to get TML Lost Password to work with WP 3.8.1.

    Disclaimer: My changes only work with WP 3.8. If you apply these changes on an earlier WP version, you may break the Lost Password functionality.

    theme-my-login/includes/class-theme-my-login.php
    line 308

    - $user = self::check_password_reset_key( $_REQUEST['key'], $_REQUEST['login'] );
    + $user = check_password_reset_key( $_REQUEST['key'], $_REQUEST['login'] );

    line 1042

    + $key = '';

    line 1047

    - $wpdb->update( $wpdb->users, array( 'user_activation_key' => $key ), array( 'user_login' => $user_login ) );
    + if ( empty( $wp_hasher ) ) {
    +     require_once ABSPATH . 'wp-includes/class-phpass.php';
    +     $wp_hasher = new PasswordHash( 8, true );
    + }
    + $hashed = $wp_hasher->HashPassword( $key );
    + $wpdb->update( $wpdb->users, array( 'user_activation_key' => $hashed ), array( 'user_login' => $user_login ) );
  5. jtm12
    Member
    Posted 1 year ago #

    First, let me say a big thank you.

    I can do a little bit of PHP coding but I wouldn't have figured this out.

    I wanted to ask you if you could expand on what to do with line 1042. I actually already have code on that line. Lines 1041 to 1043 are as follows (I checked that I hadn't accidentally deleted a line of code and thrown off the numbering. This is how my document opens):

    `$key = $wpdb->get_var( $wpdb->prepare( "SELECT user_activation_key FROM $wpdb->users WHERE user_login = %s", $user_login ) );
    if ( empty( $key ) ) {
    // Generate something random for a key...`

    Where would I put your code?

    Again, a big thank you.

  6. jtm12
    Member
    Posted 1 year ago #

    Oh, I forgot to answer your question. Yes, we are using 3.8.1. Upgrading to this WordPress version appears to have triggered the problem.

  7. jkhongusc
    Member
    Posted 1 year ago #

    Sorry Line #1042 is confusing but was the minimal amount of change. The code should look like this:

    $key = $wpdb->get_var( $wpdb->prepare( "SELECT user_activation_key FROM $wpdb->users WHERE user_login = %s", $user_login ) );
    $key = '';
    if ( empty( $key ) ) {
    // Generate something random for a key...

    My addition is in the middle, which essentially makes key empty.

  8. jkhongusc
    Member
    Posted 1 year ago #

    duplicate post

  9. jtm12
    Member
    Posted 1 year ago #

    It probably wasn't confusing to others.

    Thank you for walking me through that.

    It all worked perfectly.

    I am so impressed.

    Thank you.

  10. onakublogger
    Member
    Posted 1 year ago #

    @jkhongusc .. I tried to follow your directions (I am a PHP neophyte) when I look at the line numbers for the class-theme-my-login.php file, they do not have the same code as you mention here on your post. What am I missing? I have the correct file open, I know that much. I can find these lines of code:
    - $user = self::check_password_reset_key( $_REQUEST['key'], $_REQUEST['login'] );
    + $user = check_password_reset_key( $_REQUEST['key'], $_REQUEST['login'] );

    but on different line numbers..

    This line: (which is apparently supposed to be 1042)
    + $key = '';

    is not in the php file at all after doing a search for it. Any suggestions?

  11. jkhongusc
    Member
    Posted 1 year ago #

    onakublogger:
    - means remove that line of code
    + means to add a new line

    line #1042 is a new line of code which you need to add; so you cannot find it in the file. I posted above what the line #1042 looks like when you add it to the file.

  12. Alex-VP
    Member
    Posted 1 year ago #

    After changes in this file
    theme-my-login/includes/class-theme-my-login.php.
    The form "Set password" is appeared but password not changed.
    I'am set up new password and after entering this new password plugin tels me next:
    Error: Entered (new) password for user.. is wrong!

  13. Kraha
    Member
    Posted 1 year ago #

    still not working... make changes like you said and just taking a mail, but its not give new password or code to change it.

  14. Kraha
    Member
    Posted 1 year ago #

    Also change line #1060 to:
    $message .= network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . "\r\n";

    and it should working, if still not make this same with wp-login.php at line #364:
    $message .= network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . "\r\n";

    Tell me if it helps anyone?

  15. mavuus
    Member
    Posted 1 year ago #

    Excuse me Kraha,

    Do you mean wp-login.php, the core file?... I tried jkhongusc's code, but nothing happened... So I tried your solution. Nonetheless, I woud rather not touch core files...

    Thanks to everybody!!!

  16. mavuus
    Member
    Posted 1 year ago #

    I mean, I only modified 1060 line with no results.

  17. dohare
    Member
    Posted 1 year ago #

    Hi

    Would anyone be able to help me with this as I've upgraded to WP. 3.8.1 and despite trying to follow the great help above, I still cannot get this to work. I need it done quite urgently. If interested in the work please email: nbrowne1999@hotmail.co.uk so we can discuss a fee.

    Thanks!

  18. mavuus
    Member
    Posted 1 year ago #

    I haven't found a solution yet. If I find something I let all you know :)

  19. jtm12
    Member
    Posted 1 year ago #

    I just wanted to jump in here and mention that jkhongusc's coding did work for my site (and his, I'm assuming).

    I am able to reset passwords and then log in.

    So some other factor is also at work for those whose sites weren't helped by this coding change.

  20. mavuus
    Member
    Posted 1 year ago #

    Ok,

    I have WordPress update but Theme my login wasn't updated. So I updated my plugin, I followed jkhongusc's coding and... nothing change, but I remember in functions.php I redirect after reset password page, so I delete this last code and everything worked fine.

    So thanks a lot jkhongusc !!!

    Maybe someone have the same issue, so check plugin version and your functions.php or other modifications that could affect your plugin.

  21. nick1900
    Member
    Posted 11 months ago #

    I just did a fresh install of 3.9 and TML and I'm getting the invalid key on a password reset. The strange thing is that the user does receive the email and the reset works but this message is a bit annoying.

    Is there a conclusive fix for this issue?

  22. georgealexander151
    Member
    Posted 11 months ago #

    I have changed the code like above and I am getting the same errors as nick1900 on 3.9. Lost password will not work no matter what I do.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic