This works well! “By default, WordPress Multisite uses the main blog for passwort resets. This plugin enables users to stay in their blog during the whole reset process.” <?php /** * Plugin Name: Multisite: Passwort Reset on Local Blog * Plugin URI: https://gist.github.com/eteubert/293e07a49f56f300ddbb * Description: By default, WordPress Multisite uses the main blog for passwort … Read more
You cannot export passwords as plaintext in WordPress, because they are not stored in plaintext. What you see here is obviously the result of a very bad plugin. Fields like Payment, Sex or Company are not even part of the regular WordPress tables. For the future: Do not install plugins without prior tests and reviews … Read more
This is just a modification of timshutes’ answer – if you want specific pages to require login and don’t want to put them into a custom post type, you can add to functions.php: add_shortcode(‘need_login’, ‘shortcode_needLogin’); function shortcode_needLogin() { if (!is_user_logged_in()) { auth_redirect(); } } And then at the top of the pages you want to … Read more
When you select password protected option in page back-end, It by-default works for content only. i.e. the_content() But if you want to password protect whole page or have a custom template, you need to have the following structure. <?php global $post; get_header(); if ( ! post_password_required( $post ) ) { // Your custom code should … Read more
This will do it 🙂 add_action( ‘wp_print_scripts’, ‘DisableStrongPW’, 100 ); function DisableStrongPW() { if ( wp_script_is( ‘wc-password-strength-meter’, ‘enqueued’ ) ) { wp_dequeue_script( ‘wc-password-strength-meter’ ); } } I found the solution here.
The problem is the < and > which surround the reset URL in wp-login.php. You can remove them using retrieve_password_message in your theme functions.php file like below: add_filter(“retrieve_password_message”, “mapp_custom_password_reset”, 99, 4); function mapp_custom_password_reset($message, $key, $user_login, $user_data ) { $message = “Someone has requested a password reset for the following account: ” . sprintf(__(‘%s’), $user_data->user_email) . … Read more
The latest entered password is stored as a secure hash in a cookie named ‘wp-postpass_’ . COOKIEHASH. When the password form is called, that cookie has been validated already by WordPress. So you just have to check if that cookie exists: If it does and the password form is displayed, the password was wrong. add_filter( … Read more
The code he posted in that tutorial (very nice BTW) post’s the form to the build-in “reset password” module which redirects to the login.php on error, but you can change that and build your own based on the original and add it to the template page, change: <form method=”post” action=”<?php echo site_url(‘wp-login.php?action=lostpassword’, ‘login_post’) ?>” class=”wp-user-form”> … Read more
Here is a simple solution. Im hooking into login_headerurl. Maybe there is a better hook for this but it works, Put this in your functions.php: function wpse_lost_password_redirect() { // Check if have submitted $confirm = ( isset($_GET[‘checkemail’] ) ? $_GET[‘checkemail’] : ” ); if( $confirm ) { wp_redirect( home_url() ); exit; } } add_action(‘login_headerurl’, ‘wpse_lost_password_redirect’); … Read more
There is no absolutely safe way to store such information permanently. You have two options to increase security a little bit: Use the options table and encrypt the data Use a strong encryption method, and bind it to either: your password when you want to use the API call only when you are logged in, … Read more