This will do it 🙂 add_action( ‘wp_print_scripts’, ‘DisableStrongPW’, 100 ); function DisableStrongPW() { if ( wp_script_is( ‘wc-password-strength-meter’, ‘enqueued’ ) ) { wp_dequeue_script( ‘wc-password-strength-meter’ ); } } I found the solution here.
The problem is the < and > which surround the reset URL in wp-login.php. You can remove them using retrieve_password_message in your theme functions.php file like below: add_filter(“retrieve_password_message”, “mapp_custom_password_reset”, 99, 4); function mapp_custom_password_reset($message, $key, $user_login, $user_data ) { $message = “Someone has requested a password reset for the following account: ” . sprintf(__(‘%s’), $user_data->user_email) . … Read more
The latest entered password is stored as a secure hash in a cookie named ‘wp-postpass_’ . COOKIEHASH. When the password form is called, that cookie has been validated already by WordPress. So you just have to check if that cookie exists: If it does and the password form is displayed, the password was wrong. add_filter( … Read more
The code he posted in that tutorial (very nice BTW) post’s the form to the build-in “reset password” module which redirects to the login.php on error, but you can change that and build your own based on the original and add it to the template page, change: <form method=”post” action=”<?php echo site_url(‘wp-login.php?action=lostpassword’, ‘login_post’) ?>” class=”wp-user-form”> … Read more
Here is a simple solution. Im hooking into login_headerurl. Maybe there is a better hook for this but it works, Put this in your functions.php: function wpse_lost_password_redirect() { // Check if have submitted $confirm = ( isset($_GET[‘checkemail’] ) ? $_GET[‘checkemail’] : ” ); if( $confirm ) { wp_redirect( home_url() ); exit; } } add_action(‘login_headerurl’, ‘wpse_lost_password_redirect’); … Read more
There is no absolutely safe way to store such information permanently. You have two options to increase security a little bit: Use the options table and encrypt the data Use a strong encryption method, and bind it to either: your password when you want to use the API call only when you are logged in, … Read more
You can intercept this email before it is sent using the phpmailer_init hook. By default, this hook fires before any email is sent. In the function below, $phpmailer will be an instance of PHPMailer, and you can use its methods to remove the default recipient and manipulate the email before it is sent. add_action(‘phpmailer_init’, ‘wse199274_intercept_registration_email’); … Read more
This does the trick: wp user update USERNAME –user_pass=”PASSWORD” (Found it here.)
So if you want to send the reset password link and you have access to the code base, you can use the following snippet and you can modify it further. Actually this code is a slightly modified version of wp-login.php /** * Handles sending password retrieval email to user. * * @uses $wpdb WordPress Database … Read more