Benham Design

Why close the thread without posting a resolution, I am having the same problem. Please post the resolution.

• This reply was modified 4 months, 1 week ago by Benham Design.

Takayuki, I was able to get additional code validation to work when adding my code directly to the functions.php file. But when I add any code to your additional settings tab nothing happens. I either misundstand what the additional settings tab code box is for or your plugin is broken when it comes to the additional setting tab.

• This reply was modified 11 months, 1 week ago by Benham Design.

@takayuki Miyoshi Thanks I read that and can’t make it work hence why I am posting to see if I can get help on the code that isn’t working

Thanks

Brian

@takayukister the required fields statement was related to my suggestion to create a feature that would prevent the form sending if both first and last name fields were identical.

basically the first and last name fields would be required, with some sort of “if statement” that if they were identical the form would not send.

required to be filled in and required to be different

my site was hacked several time over several days. Each time it was hacked I could not login through Theme My Login plugin.
It would say, incorrect password.
When I clicked the reset password link or log in with wordpress, the page would redirect back to the Theme My Login Page. It would not allow me to send a link to my email to reset my password or login via wordpress credentials.

I had to use an FTP client to disable your plugin so I could use the default wordpress page to reset my password.

So even if they did not get in through your plugin, they used it against me to prevent me from re-gaining access to the admin area of wordpress.
Since completely deleting your plugin my site has not been compromised since.

After being hacked I did the standard things, of resetting all my passwords, virus scan, reload from backup etc, and yet they got in again.

Since deleting your plugin which is the only thing I did different from all the other times I was hacked, I have not had any issues since.

You may be wondering if my site was actually hacked or if this was just a login issue. Each time, non english verbiage was injected into the descriptions of my site which showed up in search results. Which in turn triggered google to send me a message through “Google search console/webmaster tools” saying they have delisted mysite because it had been hacked, along with other issues related to the hack.

So whether or not you think my experience is the smoking gun proof that your plugin was responsible for allowing my site to be hacked is totally up to you.

In my mind it seems pretty definitive that there is something wrong with your plugin since they were able to use it to prevent me from resetting my password or logging in with my wordpress credentials, in turn having to disable your plugin to regain access.