foykwalla
Forum Replies Created
-
Hi,
Thank you for the follow-up.
Here is the Pastebin link containing the WooCommerce System Status Report:
https://pastebin.com/1YTtda8ZHere is the screen recording showing the issue step-by-step:
[https://www.loom.com/share/ac47600ebd0c4b208ec8cf3d9f7aa867]
The recording includes:
- requesting the password reset
- receiving the reset email
- opening the generated reset link
- the resulting redirected URL
- the “This key is invalid or has already been used” error message
Thank you again for continuing to investigate this.
Thank you.
I had already generated and shared the WooCommerce System Status Report earlier via Pastebin/Snipboard along with the screenshots and reset URL behavior. I have now shared the System Status Report again via Pastebin for easier reference.
At this stage, after extensive testing and eliminating:
- theme overrides
- plugins
- code snippets
- security plugins
- caching
- server-level rewrite/CDN behavior
the issue appears increasingly tied to the existing installation database or password reset validation flow itself, especially since a fresh WordPress + WooCommerce installation on the same Hostinger account works correctly.
Thank you again for continuing to investigate this.
Thank you for the detailed response.
I followed the troubleshooting steps you suggested and wanted to share the results.
What I tested:
- Checked the active Woodmart child theme:
- no WooCommerce template overrides exist there
- functions.php only contains the default enqueue styles function
- Checked the main Woodmart theme:
- WooCommerce template overrides do exist under:
woodmart/woocommerce/myaccount/ - I temporarily disabled the entire WooCommerce override folder by renaming:
woodmart/woocommerce/ - The password reset issue still persisted
- WooCommerce template overrides do exist under:
- Checked all custom snippets in the Code Snippets plugin:
- none of the snippets modify:
lostpassword_url
retrieve_password
woocommerce_get_endpoint_url
redirects
login/account behavior
sessions
reset validation - the snippets are mainly checkout/payment related
- none of the snippets modify:
- Checked MU plugins:
- only Hostinger auto-updates plugin exists
- no login/account modifications there
- Deactivated Really Simple Security completely
- purged LiteSpeed cache
- tested in incognito/private browser
- issue still persists
- Re-saved WooCommerce account endpoints
- Re-saved permalinks multiple times
- Cleared LiteSpeed cache repeatedly
- Verified server-level behavior with Hostinger support:
- Hostinger confirmed there are no server-level caching, security, CDN, or redirect rules stripping query arguments from password reset URLs
- According to Hostinger, the issue is likely originating from the WordPress installation itself (theme/plugins/customizations/database)
- Tested using a default WordPress theme:
- same issue persisted
Current behavior:
The reset URL now appears structurally correct, for example:However, WooCommerce/WordPress still immediately returns:
“This key is invalid or has already been used.”Additional important observation:
A completely fresh WordPress + WooCommerce installation on the same Hostinger account works perfectly with password reset functionality using the same SMTP setup and same server environment.At this point, after eliminating:
- theme overrides
- child theme functions
- code snippets
- security plugin interference
- cache/CDN behavior
- SMTP/server issues
- server-level rewrite/caching issues
it increasingly appears the live installation database or user/account data may be corrupted in some way, especially related to password reset key generation/validation or user_activation_key handling.
Additional requested materials:
- WooCommerce System Status Report was shared via Pastebin
- Screenshots/screen recording showing:
- the generated reset email link
- resulting redirected URL
- invalid key message
were also shared via Snipboard.
Thank you again for the assistance.