How to save Admin FTP password
You can save this information on your wp-config.php file: define(‘FTP_HOST’, ‘ftp_host’); define(‘FTP_USER’, ‘ftp_username’); define(‘FTP_PASS’, ‘ftp_password’); More info (WordPress Codex)
password
Replacing the WordPress password validation
Investigating the filter authenticate, we can find that it is called inside the function wp_authenticate, which is a pluggable function. That means that it can be replaced by one of our own making. This is the original function, plus a marked entry point: function wp_authenticate($username, $password) { $username = sanitize_user($username); $password = trim($password); $user = … Read more
How do I create a password reset link?
After much research, I finally turned to examining the WordPress core file wp_login.php hoping that WP would show how they do it in a non-obtuse manner. From the information around line 331 (WP 4.6.1), I put together the following code. <?php global $gw_activate_template; extract( $gw_activate_template->result ); $url = is_multisite() ? get_blogaddress_by_id( (int) $blog_id ) : … Read more
Password protecting a page
One solution would be to create a custom Page template for Pages that you intend to password protect. Start by creating your custom Page template, perhaps named template-password-protected.php, and add the Template: file-docblock tag at the top, like so: <?php /** * Template: Password-Protected */ ?> Now, add your basic Page template markup: <?php /** … Read more
Enforcing password complexity
Well, ended up fixing this after hours of banging my head against ones keyboard. Fixed by making the first parameter of my hooked function a value instead of a reference – curious when nearly all hooks in wordpress pass the error object by reference! function validatePasswordReset( &$errors, $userData ) { return validateComplexPassword( $errors ); } … Read more
How to protect pages with double authentication: password + email (in custom field)
When you set a post as password protected, the protection happen on get_the_content() function. There WordPress check for a post password cookie, and if not set, not valid or expired then show the password form. This password form is submitted to wp-login.php, there a cookie is setted according to the password wrote in the form, … Read more
Password Reset for Users on a Multisite Subsite
This works well! “By default, WordPress Multisite uses the main blog for passwort resets. This plugin enables users to stay in their blog during the whole reset process.” <?php /** * Plugin Name: Multisite: Passwort Reset on Local Blog * Plugin URI: https://gist.github.com/eteubert/293e07a49f56f300ddbb * Description: By default, WordPress Multisite uses the main blog for passwort … Read more
Why are passwords exportable as plain text in WordPress?
You cannot export passwords as plaintext in WordPress, because they are not stored in plaintext. What you see here is obviously the result of a very bad plugin. Fields like Payment, Sex or Company are not even part of the regular WordPress tables. For the future: Do not install plugins without prior tests and reviews … Read more
How do I require authorization / login to view a specific set of posts / pages?
This is just a modification of timshutes’ answer – if you want specific pages to require login and don’t want to put them into a custom post type, you can add to functions.php: add_shortcode(‘need_login’, ‘shortcode_needLogin’); function shortcode_needLogin() { if (!is_user_logged_in()) { auth_redirect(); } } And then at the top of the pages you want to … Read more
Password Protect Custom Page
When you select password protected option in page back-end, It by-default works for content only. i.e. the_content() But if you want to password protect whole page or have a custom template, you need to have the following structure. <?php global $post; get_header(); if ( ! post_password_required( $post ) ) { // Your custom code should … Read more