Password Reset Email link invalid

  • Hello,

    I have a client who brought to my attention that the password reset link sent from WordPress is generating an invalid link, by adding an extra character to the end. The bottom of the email looks like this:

    To reset your password, visit the following address:

<https://www.domain.com/wp-login.php?action=rp&key=pnEx0qu8vKD6M5P7eM6A&login=admin%20name>

    The problem is that email clients are making the closing bracket part of the URL, invalidating it. For the life of me, I can’t figure out why the link is wrapped in < > at all, but it makes it unclickable. If you know about this issue, you can copy/paste without the ‘>’ at the end, but they’re running a membership site, and we cannot assume members will understand the bug and how to get around it.

    Is this a known issue in WordPress? Does anyone know of a way to eliminate the superfluous < > around the link so it doesn’t render the link unclickable?

Viewing 5 replies - 1 through 5 (of 5 total)
  • Thread Starter studio1337

    (@studio1337)

    I “fixed” this temporarily the worst way possible by editing the wp-login.php file and removing the brackets from the ‘$message .=’ email text.

    I’d like to create a function to permanently modify this, but my brain isn’t connecting the dots on the hook to use and how to replace the text in line 332:

    $message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . ">\r\n";

    See those brackets? I’m stumped as to why they’re there in the first place. A little help removing them would be most appreciated!

    • This reply was modified 8 years, 3 months ago by studio1337. Reason: a little more explanation

    I saw this post yesterday and every time I was trying to sit down and read it to reply I kept getting interrupted…

    Are you using any plugins that modify the Login process such as Theme my login? If so, please disable them and see if the problem persists. If you aren’t or if you disable them and find out that they are not causing the problem then the next thing I would look at is any caching plugins or CDNs that that you have setup. Sometimes caching plugins cause weird issues with this feature.

    Hope this helps, and sorry again for the long delay in getting back to you.

    Hi, wondering if you’ve resolved this or not, I seem to be having the same problem, extra characters in the email message. I’ve checked all of my plugins and haven’t found anything that made the problems cease to exist. Thanks for your help.

    Thread Starter studio1337

    (@studio1337)

    My apologies for the very late reply. Davood, that’s entirely possible. In fact, I went back and undid my fix to investigate again, and it appears the issue may be caused by the plug-in Maven Member. destes1, that would mean the issue isn’t in the WP core, and I’m afraid my answer won’t be helpful for you. But the “fix” I discussed in my follow-up post might help (please implement it in a better way than i did ?? ).

    I’m still not sure why the brackets are there at all, but oh well!

    Glad you resolved the issue @studio1337! Btw, I love your username ??

    @destes1, it is advised that you start your own thread for the best quality of support.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Password Reset Email link invalid’ is closed to new replies.