Password Reset Link Redirects to Login

I just updated the plugin on my development site to version 3.0.6 from 2.6 and now the issue also exists on the dev site. It was working with the old version. The new version is also active on the production site where the issue was first encountered.

I also did further testing by disabling other plugins on the site, as well as disabling all the security setting on the server and continued to experience the problem where it does not redirect to the ?submitted=yes query string on the lost password url after submitting the email address.

I also tested by manually adding the ?submitted=yes to the login url, then clicking the lost password link. The query persisted after submitting the email, and it was also included in the reset link from the email. After following the link from the email, I was saw the reset form, and successfully changed the password. Apparently, the ?submitted=yes along with the key=xxxxx is sufficient to change the password.

So, any ideas why the ?submitted=yes is not being added when the email is submitted?

Thanks,
Donnie

Hi Donnie,

I have just tried this on my test rig, and indeed the latest version does no longer include ?submitted=yes, but the thing works fine without it.

Please do this test:

Create a new page with the only the [wppb-recover-password] shortcode in it.

Does that one work properly?

If not, then please send a link to it, and also a link to the registration page so that I can register a test user and experience the issue.

With the best of regards,
Gabriel

i lost the password of my site can you help me to reset the password

site here https://instplusapk.com/

Hi there,

Use your password recovery system:

https://instplusapk.com/wp-login.php?action=lostpassword

Best regards,
Gabriel

Hi Gabriel,

I created a test page at https://submityourloanapplication.com/password-reset/ with the password reset shortcode only, but it does not work. But, if you add the query string ?submitted=yes it does.

The registration page is at https://submityourloanapplication.com/user-registration/ for testing.

(I apologize for the late response – I replied in the email notification and apparently you do not get those).

Hi @crackajax

It does not show because for some reason it’s hidden in your theme’s style.css:

#wppb-recover-password-container, #wppb-recover-password label, .reset-password #wppb-login-wrap, .reset-password .login-title, .password-reset-title {

    display: none;

}

With best of wishes,
Gabriel

Thanks Gabriel! That lead me to the solution.

The problem is that the developers changed query variables in the url and IDs in the HTML that broke my custom system dependencies.

The Login/Password Reset form used to have the id=”loginform” and it was changed to id=”wppb-loginform”. This broke the styling on this form causing all of my multisite forms to look really bad.

The issue reported in this ticket was that formerly the password reset query string included ?submitted=yes, which I was parsing in my JavaScript, and if present, add a class=”reset-password” used to either hide/show the login form versus the reset form. This query variable was removed from the reset url sent in the email. I have updated my JavaScript to detect the “key” variable to accomplish the same thing.

Unfortunately, these changes caused a lot of pain for my client’s customers. I would politely ask that when updating your plugin that changing IDs, classes and query variables that more care be taken with such changes so that developers relying on those selectors will not have broken sites unexpectedly.

Thanks for all your help in getting me there.

Hi @crackajax

All right, I see.

Sorry for the trouble, I am passing this on to development.

But in any case, I am really glad that you figured it out.

With best of regards,
Gabriel