Password Link using wp-login even when customized url

Resolved Sim Architect
(@thesimarchitect)

8 months, 2 weeks ago

Hello!

When a user registers and receives a message to click on a link to set up their first password, they’re redirected to the homepage because the link generated by your notification sends them to /wp-login.php?action=rp&key=randomkey&login=userid instead of sending them to /mycustomizedloginaddress?action=rp&key=randomkey&login=userid

The shortcode [password_reset_link] works correctly and is aware of the login page modification implemented by my security plugin but it can only used when a user already exists and is asking for a new password.

The shortcode [password_url] does NOT work correctly and has the error mentioned above.

I am not able to use [password_reset_link] for new users because it just adds the text [password_reset_link].

Same happens with the [password_url_raw] shortcode (it looks the same).

Please let me know if you can fix it or if I can do anything to change my template to be fixed.

I use Better Notifications but I also tested creating dummy users with the plugin disabled and everytime the email links are created using wp-login instead of using what I customized using your plugin.

I don’t remember having this problem before.

Other plugins like s2Member seem to be aware of the url change, so I don’t know what’s missing.

I tried creating filters using Gemini AI but I was unable to succeed.

I already have a topic on Better Notifications Plugin but now that I tested it with their plugin off I assume it’s likely something missing on this plugin, instead (or something that could be fixable here).

I am unable to figure out a solution after trying multiple things. Help would be very appreciated!

🙏🏻

Viewing 15 replies - 1 through 15 (of 22 total)

1 2 →

Plugin Support hjogiupdraftplus
(@hjogiupdraftplus)

8 months, 2 weeks ago

Hi @thesimarchitect

The email being sent for setting password have wp-login.php instead using AIOS the renamed login page URL that seems the issue here.

/wp-login.php?action=rp&key=randomkey&login=userid

site_url and network_site_url filter generally being used for such email urls and it was changing the wp-login.php to renamed login page.

I will create an internal ticket for this and get back to you.

Regards

Thread Starter Sim Architect
(@thesimarchitect)

8 months, 2 weeks ago

Thanks! Yes, this is the issue. It won’t replace /wp-login.php with something else I am using.

This is what Better Notifications send for those four shortcodes:

Login URL: https://website.com/wp-login.php

Login URL (Raw): https://website.com/wp-login.php

Set-up Password URL: https://website.com/wp-login.php?action=rp&key=somerandomkey&login=user

Set-up Password URL (Raw): https://website.com/wp-login.php?action=rp&key=somerandomkey&login=user

Password reset emails are ok.

https://website.com/customlogin/?action=rp&key=randomkey&login=user

Have a great day!

🌷

Plugin Support hjogiupdraftplus
(@hjogiupdraftplus)

8 months, 2 weeks ago

Hi @thesimarchitect

Ok, We will check for the “Better Notifications for WP” plugin why login urls are not AIOS custom login URL.

https://wordpress.org/plugins/bnfw/

Let me know if it is not the above plugin and any another.

Regards

Thread Starter Sim Architect
(@thesimarchitect)

8 months, 1 week ago

Hello! Thank you very much for your help and sorry for my delay!!

Version 5.3.10 of your plugin caused the issue (I just saw your comment on another topic but felt like making this one also have the information).

I temporarily rolled back to 5.3.8 and it works again.

Same with people unable to change their own passwords.

Password reset links seemed to work for a little, then not anymore. I am unsure why.

I tried your suggestion, by the way, but turning s2member off didn’t make a difference (just wanted you to know).

Glad people can log on now, even if I have to keep the plugin outdated for a few days. I’ll love to try the new version that fixes this as soon as possible. Keep us posted (I turned automatic updates off).

🌷

Plugin Support hjogiupdraftplus
(@hjogiupdraftplus)

8 months, 1 week ago

Hi @thesimarchitect

Ok, I will keep you posted when new version released. It suppose to be in end of this week.

Regards

Thread Starter Sim Architect
(@thesimarchitect)

7 months, 1 week ago

Hello!

Didn’t see a new version of the plugin being offered yet. Am I missing something?

Plugin Support hjogiupdraftplus
(@hjogiupdraftplus)

7 months, 1 week ago

Hi @thesimarchitect,

The release of AIOS 5.4.1 was already planned, but to make sure it does not have issues like the previous version, it seems to be delayed. It will be released soon. I will keep you updated.

Regards

Thread Starter Sim Architect
(@thesimarchitect)

6 months, 2 weeks ago

Hi! The new version did NOT fix the problem. I had to roll back again. I thought the issue would have been handled on 5.4.1 as you mentioned. Please check because it is still using wp-login.php instead of the custom url. 😢

I felt you might want to know. Please, keep us posted when this problem is solved. I didn’t test it and my site was sending the incorrect link to new users.

Plugin Support hjogiupdraftplus
(@hjogiupdraftplus)

6 months, 2 weeks ago

Hi @thesimarchitect,

Do it works with AIOS 5.3.8? Better Notifications Plugin if using wp-login.php instead the renamed login page it might be issue.

It has to be solved by Better Notifications Plugin if they do not use site_url and network_site_url filter for reset password link

Regards
Thread Starter Sim Architect
(@thesimarchitect)

6 months, 1 week ago
Better Notifications uses the line below for new registrations (wrong url on both 5.3.8 and 5.4.1):
```
To set your password, visit the following address: [password_url_raw]
```
It uses the line below for password reset links (both versions correct, just tested again):
```
To reset your password, visit the following address:
[password_reset_link]
```
I can’t use password_reset_link for new users. I tried before, so I need the [password_url_raw] to be correct.

They have a list of shortcodes available at https://betternotificationsforwp.com/documentation/notifications/shortcodes/?notification=new-user

Not sure what to do next. I also have s2member plugin and I can’t test registration without that plugin on, since the registration form does not work without it. It’s not changing the content of the message, though, I edited the text on Better Notifications and the text does change.

How can I fix that [password_url_raw] shortcode to be correct?

Thanks again!

🙏🏻
- This reply was modified 6 months, 1 week ago by Sim Architect.
Thread Starter Sim Architect
(@thesimarchitect)

6 months, 1 week ago
Turning Better Notifications off did NOT solve the problem.

The shortcode used by s2member is also defective:
```
To set your password, visit: %%wp_set_pass_url%% 
```
It returns the same wrong url (the default one with wp-login.php).

I am sorry, but it seems that AIOS isn’t updating something it should, so those are adjusted correctly for both plugins and any other that might need that variable to be fixed. It’s the plugin that changes the url, it should change any variable that might use that information, to provide compatibility.

Please let me know what else I can do.

Thanks!

🌷
- This reply was modified 6 months, 1 week ago by Sim Architect.
Plugin Support hjogiupdraftplus
(@hjogiupdraftplus)

6 months, 1 week ago

Hi @thesimarchitect,

Thanks for the information, I will update internal ticket to check why s2member plugin and Better notification plugin which seems using network_site_url have this issue.

Do you have multisite installation?

https://snipboard.io/OSYZX4.jpg

https://snipboard.io/az9nfH.jpg

Regards

Thread Starter Sim Architect
(@thesimarchitect)

6 months, 1 week ago

The problem is NOT with the password REset.

That was fixed by your last patch 5.4.1

The problem IS with the password SET link. The first one generated when a NEW user registers.

I do not have multisite.

Thanks a lot for reaching out quickly!

🌷

Thread Starter Sim Architect
(@thesimarchitect)

6 months, 1 week ago

Just a quick note. If I add a user with the back end the link generated is CORRECT.

I posted on s2member’s forum to see if something needs to be fixed at s2member to use the variable that contains the adjusted url instead of, potentially, a static string in the code.

I’ll let you know as soon as I find out more about it.

Have a lovely day!

🌷

Thread Starter Sim Architect
(@thesimarchitect)

6 months, 1 week ago

Thanks again. I feel this is not getting fixed. I just added an explanation telling future users to fix the link manually by themselves or use the password reset.

I thought this was something easily fixable. If I knew it would be this difficult I’d not use the feature. It worked before, stopped working properly, silently, months ago.

Then, half of it was fixed, but not the other half.

I have no idea what’s broken but I know that the concept of custom url for login is your plugin’s implementation and it was working fine before, at least until a few months ago (can’t precise when).

If things were broken by wordpress’ “exciting” updates or if something changed in your plugin, or both, I don’t know.

I am thankful for everything but if you can’t fix it, I will just have to accept it wills stay broken and hope people read the content of their email saying they have to manually edit the url or send a password change request, instead.

Have a nice day/evening.

🌃

Viewing 15 replies - 1 through 15 (of 22 total)

1 2 →

The topic ‘Password Link using wp-login even when customized url’ is closed to new replies.

Tags