I can’t recover my password
If the cookie named $rp_cookie exists and if the colon character (:) in the cookie is not the first character, then…
password
Temporary access to page with URL sent to email
The users could be sent a link with parameters: “{url}/booking0914?token=zxy321” Your action hook would allow users with the correct token to proceed. Others would be redirected.
Reset WordPress admin users to limit access
In principle, just resetting the password, plus invoke the “Log out everywhere else” on the user profile, should be enough to prevent benign user knowing the password. Reset the web host customer password, including any associated FTP account password. Use strong and unique passwords. But, in case any unknown, possibly malicious user, may have had … Read more
How to invalidate `password reset key` after being used
How to invalidate `password reset key` after being used
Login/password protected “client page”
I am going to recommend you reorganize your thinking. Instead of having posts generate a user login (which is complicated, but can be done), I think you can associate a post to a user. Unfortunately, it doesn’t seem there are any plugins that will do this for you. I wrote this quick plugin you can … Read more
Blocking wp-login in HTACCESS has also blocked password protected pages
Unfortunately a Password Protected post uses the wp-login.php file to process the password authentication for a post. So your Apache snippet of blocking all but those specific IPs is going to apply to anything that is password protected as well. You can get nerdy and read code. In here you can see that Post Password … Read more
Sending Reset Password email via Web API
You can hook retrieve_password_message (code): /** * Filters the message body of the password reset mail. * * If the filtered message is empty, the password reset email will not be sent. * * @param string $message Default mail message. * @param string $key The activation key. * @param string $user_login The username for the … Read more
How to change lost password email text using custom plugin wordpress?
The filter for the Message that is sent to reset your password is retrieve_password_message. You use it like this: add_filter(‘retrieve_password_message’,’my_awesome_new_password_reset_email’,10,4); function my_awesome_new_password_reset_email($message, $key, $user_login, $user_data){ $message = “Hey, you need a new Password? Click here: “.site_url( “wp-login.php?action=rp&key=$key&login=”.rawurlencode( $user_login ),’login’).”!”; return $message; } $message is the original E-Mail Body, $key is the reset password key, $user_login … Read more
Automatically change the page password for more than one page
To make this work on multiple posts, your options are either write the ‘where’ clause for the update as a SQL ‘IN’, e.g. using the answer here – this will use the same newly-generated password for every post add a loop and call $wpdb->update individually for each post – this will either make a new … Read more
wp_set_password() does not work!
Nested if/else/elseifs are usually too complex for me to figure out. I’d change your code to use SWITCH/CASE to determine proper input and to change the password if all is OK. And to sanitize $_POST (and $_GET) inputs, I just put this in my functions file: $_GET = filter_input_array(INPUT_GET, FILTER_SANITIZE_STRING); $_POST = filter_input_array(INPUT_POST, FILTER_SANITIZE_STRING); Then … Read more