You will receive a link to create a new password
via email.", 'ginastica_natural'); $showInput = true; if($_POST['action'] == "tg_pwd_reset"){ if ( !wp_verify_nonce( $_POST['tg_pwd_nonce'], "tg_pwd_nonce")) { exit("No trick please"); } if(empty($_POST['user_input'])) { $message = __("Please enter your Username or E-mail address", 'ginastica_natural'); exit(); } //We shall SQL escape the input $user_input = $wpdb->escape(trim($_POST['user_input'])); if ( strpos($user_input, '@') ) { $user_data = get_user_by_email($user_input); if(empty($user_data) || $user_data->caps[administrator] == 1) { //the condition $user_data->caps[administrator] == 1 to prevent password change for admin users. //if you prefer to offer password change for admin users also, just delete that condition. $message = __("Invalid E-mail address!", 'ginastica_natural'); exit(); } } else { $user_data = get_userdatabylogin($user_input); if(empty($user_data) || $user_data->caps[administrator] == 1) { //the condition $user_data->caps[administrator] == 1 to prevent password change for admin users. //if you prefer to offer password change for admin users also, just delete that condition. $message = __("Invalid username!", 'ginastica_natural'); exit(); } } $user_login = $user_data->user_login; $user_email = $user_data->user_email; $key = $wpdb->get_var($wpdb->prepare("SELECT user_activation_key FROM $wpdb->users WHERE user_login = %s", $user_login)); if(empty($key)) { //generate reset key $key = wp_generate_password(20, false); $wpdb->update($wpdb->users, array('user_activation_key' => $key), array('user_login' => $user_login)); } //emailing password change request details to the user $message = __('Someone requested that the password be reset for the following account:', 'ginastica_natural') . "\r\n\r\n"; $message .= "Ginástica Natural" . "\r\n\r\n"; $message .= sprintf(__('Username: %s', 'ginastica_natural'), $user_login) . "\r\n\r\n"; $message .= __('If this was a mistake, just ignore this email and nothing will happen.', 'ginastica_natural') . "\r\n\r\n"; $message .= __('To reset your password, visit the following address:', 'ginastica_natural') . "\r\n\r\n"; $message .= tg_validate_url() . "action=reset_pwd&key=$key&login=" . rawurlencode($user_login) . "\r\n"; if ( $message && !wp_mail($user_email, __('Password Reset Request', 'ginastica_natural'), $message) ) { $message = __("Email failed to send for some unknown reason.", 'ginastica_natural'); exit(); } else{ $message = __("We have just sent you an email with Password reset instructions", 'ginastica_natural'); $showInput = false; } } if(isset($_GET['key']) && $_GET['action'] == "reset_pwd") { $reset_key = $_GET['key']; $user_login = $_GET['login']; $user_data = $wpdb->get_row($wpdb->prepare("SELECT ID, user_login, user_email FROM $wpdb->users WHERE user_activation_key = %s AND user_login = %s", $reset_key, $user_login)); $user_login = $user_data->user_login; $user_email = $user_data->user_email; if(!empty($reset_key) && !empty($user_data)) { $new_password = wp_generate_password(7, false); //you can change the number 7 to whatever length needed for the new password wp_set_password( $new_password, $user_data->ID ); //mailing the reset details to the user $message = __('Your new password for the account at:', 'ginastica_natural') . "\r\n\r\n"; $message .= get_bloginfo('name') . "\r\n\r\n"; $message .= sprintf(__('Username: %s', 'ginastica_natural'), $user_login) . "\r\n\r\n"; $message .= sprintf(__('Password: %s', 'ginastica_natural'), $new_password) . "\r\n\r\n"; $message .= __('You can now login with your new password at: ', 'ginastica_natural') . home_url() . "\r\n\r\n"; if ( $message && !wp_mail($user_email, __('Password Reset Request', 'ginastica_natural'), $message) ) { $message = __("Email failed to sent for some unknown reason", 'ginastica_natural'); } else { $message = __("Your new password was successfully emailed to you.", 'ginastica_natural'); $showInput = false; } } else $message = __("This recovery password link has already expired.", 'ginastica_natural'); } ?> Home | Ginástica Natural