It is not possible to modify the post submit meta boxes with a filter. But you can do that with JavaScript. This script will generate 10-12 random alphanumeric string and put it in the password field (if it is empty) when you click the Password protected radio button. $(‘#visibility-radio-password’).click(function () { // If there is … Read more
Redirecting web pages You can save yourself adding code to all templates in your theme by hooking this in instead. function wpse299924_redirect() { if( !is_user_logged_in() ) { wp_redirect( wp_login_url() ); die; } } add_action( ‘template_redirect’, ‘wpse299924_redirect’ ); You’re right that your images and other media will still be accessible to anyone who knows the URL, … Read more
When admin is resetting all users password are the users getting notified about the password reset? I read that with some “Emergency password reset” plugin it is available, but is it a built in feature in WordPress or no. WordPress doesn’t have an option to reset all users passwords, so it would depend on the … Read more
I have gone through the above case. I have checked when you change password you will have the option of logout every where else. So you need to check it. https://www.screencast.com/t/0tilp5u2 I will explain it the reason for the same. In this when you login into wordpress.The details are saved in the form of cookies … Read more
There is definitely a filter for that! Here is the reference link to wordpress developers page: https://developer.wordpress.org/reference/hooks/password_change_email/ Basically adding this function (with changes) to your functions.php will override your default password reset email. apply_filters( ‘password_change_email’, array $pass_change_email, array $user, array $userdata ) full example: add_filter( ‘password_change_email’, ‘rt_change_password_mail_message’, 10, 3 ); function rt_change_password_mail_message( $pass_change_mail, $user, $userdata … Read more
Since this is a multisite you’ll have to put the disable password filter in a mu-plugin. Create a file in wp-content/mu-plugins with: <?php add_filter( ‘allow_password_reset’, ‘__return_false’ ); That should completely disable password recovery. It will affect all sites, not just that one customer’s: if that’s not what you intended you’ll have to add logic here … Read more
Yes, it’s wp_is_application_passwords_available to globally disable them: add_filter( ‘wp_is_application_passwords_available’, ‘__return_false’ ); or wp_is_application_passwords_available_for_user to turn them on and off by role or individually.
Here’s the filter to exclude password protected posts from the default RSS feed: function rss_filter_protected( $query ) { if ( $query->is_feed ) { $query->set( ‘has_password’, false ); } return $query; } add_filter( ‘pre_get_posts’,’rss_filter_protected’ );
You need to use strlen() to determine the length of a variable, so your second if condition is invalid. As it is, this question is not really related to WordPress, so likely off-topic.
WordPress does not just MD5 hash the password, it runs it through wp_hash_password() which in turn runs through the $wp_hasher (a global object) HashPassword method. This does some hsld crap to include getting random bytes of data, salting the password, and encrypting it. Basically it’s doing a whole lot more than an md5 to make … Read more