I’ve managed to find why I couldn’t change the error message. For some reason, our old dev has put a login_error_override() in Theme’s Function (function.php from theme). After commented the function call, my custom error worked perfectly, as well the original error messages from theme, wordpress and plugins. //add_filter(‘login_errors’, ‘login_error_override’);
I had this problem and it took me all week to figure it out. I know OP has probably solved it by now, but for the others like me who surfed here looking for answers: Open the wp-config.php file and use this website ( https://api.wordpress.org/secret-key/1.1/salt/ ) to replace the lines of code that start with: … Read more
I still wouldn’t recommend this because it is probably exploitable somehow… Technically assuming all the right hooks and functions are called, a user should not be able to login if supplying a blank password even if the user_pass field in the database is empty. Why…? When you try to login using the form as seen … Read more
Here’s a combination of these two great answers (21697 & 71284) to similar questions. wpse241424_check_post_pass() runs early on the wp hook on single password protected pages. If an invalid password is entered, the INVALID_POST_PASS constant is set for use later in the form, and the password entry error cookie is removed to prevent the error … Read more
I had the same issue with this, I assume you’re working from this guide – https://code.tutsplus.com/tutorials/build-a-custom-wordpress-user-flow-part-3-password-reset–cms-23811 Have a look at the actual reset password form where it shows pass1 and pass2. The hidden fields values are automatically set to $attribute[‘key’] and $attribute[‘login’]. Changing this to $_REQUEST[‘key’] and $_REQUEST[‘login’] should solve the issue. Hope this helps.
You would be better suited by allowing members to sign up on your site, then giving each uses level permissions to read different posts. A plugin like Members might work for this. But, if you really want to do what you asked, you’re going to have to do some javascript hacking or completely remove the … Read more
Before WordPress 2.5 passwords were simply hashed with md5. WP 2.5 introduced phpass, where a password gets hashed and salted several times, in order to be safe against rainbow tables. A littel Googling on phpass and dotnet revealed this post http://davebeer.com/posts/migrating-wordpress-users-to-dotnet/ briefly describing a how to migrating WP users to dotnet.
I solved issue with suggestion of @TheDeadMedic. Below is the code. As he told added while have post. I added it after header. <?php /** * Template Name: Page * */ global $post; if ( ! post_password_required( $post ) ) { get_header(); while ( have_posts() ) { the_post(); } ?> <div id=”Content”> <div class=”content_wrapper clearfix”> … Read more
From line 213 of wp-login.php: $wpdb->update($wpdb->users, array(‘user_activation_key’ => $key), array(‘user_login’ => $user_login)); So yes, the key is the user_activation_key. Don’t know what you need to know that for but if you look in that file you’ll see there are several ways to hook into it.
I figured it out. I created a plugin that adds a filter for random_password, like so: function my_password_filter($input) { $words = explode(‘ ‘, “apple arm banana bike bird book chin clam class clover club corn crayon crow crown crowd crib desk dime dirt dress fang field flag flower fog game heat hill home horn hose … Read more