Lost/Reset Password no longer working

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter Andy Feliciotti

    (@someguy9)

    Revisiting this I think it’s just not correctly displaying errors, for example if you give an insecure password it’ll just say incorrect key without an error explaining why

    Thread Starter Andy Feliciotti

    (@someguy9)

    Okay well I found the fix for the glitch in 3.9.2 in this plugin… basically it’s using get when it should be using the cookie

    Around line 2460 this is the code I used to fix the issue for password resets

    $rp_cookie = ‘wp-resetpass-‘ . COOKIEHASH;

    if ( isset( $_COOKIE[ $rp_cookie ] ) && 0 < strpos( $_COOKIE[ $rp_cookie ], ‘:’ ) ) {
    list( $rp_login, $rp_key ) = explode( ‘:’, wp_unslash( $_COOKIE[ $rp_cookie ] ), 2 );
    }

    if ($action == ‘rp’) {
    $uri .= ‘&key=’ . urlencode(@$rp_key);
    $uri .= ‘&login=’ . urlencode(@$rp_login);
    }

    Plugin Author Daniel Convissor

    (@convissor)

    Thanks again for the pull request and bringing this to my attention. Fixed in release 0.45.0.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Lost/Reset Password no longer working’ is closed to new replies.