Skip to content

Instantly share code, notes, and snippets.

@kirillrocks

kirillrocks/2017-10-10_21-21-18.txt

Created October 10, 2017 18:19
Show Gist options
  • Save kirillrocks/da989e73757376502322b19f08f69795 to your computer and use it in GitHub Desktop.
Save kirillrocks/da989e73757376502322b19f08f69795 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
2017-10-10_21-21-18.txt
add_action( 'wp_ajax_nopriv_cj_generate_reset_link', 'cj_generate_reset_link' );
function cj_generate_reset_link(){
if ( wp_verify_nonce( $_POST['nonce'], 'ajax-forgot-nonce' ) ) {
echo cj_retrieve_password($_POST['email']);
}
exit();
}
function cj_retrieve_password($user_login) {
global $wpdb, $wp_hasher;
$user_login = sanitize_text_field( $user_login );
if ( empty( $user_login ) ) {
return false;
} else if ( strpos( $user_login, '@' ) ) {
$user_data = get_user_by( 'email', trim( $user_login ) );
if ( empty( $user_data ) ) {
return false;
}
} else {
$login = trim( $user_login );
$user_data = get_user_by( 'login', $login );
}
do_action( 'lostpassword_post' );
if ( ! $user_data ) {
return false;
}
// redefining user_login ensures we return the right case in the email
$user_login = $user_data->user_login;
$user_email = $user_data->user_email;
do_action( 'retreive_password', $user_login ); // Misspelled and deprecated
do_action( 'retrieve_password', $user_login );
$allow = apply_filters( 'allow_password_reset', true, $user_data->ID );
if ( ! $allow ) {
return false;
} else if ( is_wp_error( $allow ) ) {
return false;
}
$key = get_password_reset_key( $user_data );
$message = __( 'התקבלה בקשה לאיפוס הסיסמה עבור המשתמש הבא:' ) . "\r\n\r\n";
$message .= network_home_url( '/' ) . "\r\n\r\n";
$message .= sprintf( __( 'Username: %s' ), $user_login ) . "\r\n\r\n";
$message .= __( 'If this was a mistake, just ignore this email and nothing will happen.' ) . "\r\n\r\n";
$message .= __( 'To reset your password, visit the following address:' ) . "\r\n\r\n";
$message .= '<' . network_site_url( "?action=cj_reset_password&key=$key&login=" . rawurlencode( $user_login ), 'login' ) . ">\r\n";
if ( is_multisite() ) {
$blogname = $GLOBALS['current_site']->site_name;
} else {
$blogname = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES );
}
$title = sprintf( __( '[%s] Password Reset' ), $blogname );
$title = apply_filters( 'retrieve_password_title', $title );
$message = apply_filters( 'retrieve_password_message', $message, $key );
if ( $message && ! wp_mail( $user_email, $title, $message ) ) {
return false;
}
return true;
}
add_action( 'wp_ajax_nopriv_cj_reset_user_pass_reset', 'cj_reset_user_pass_reset' );
function cj_reset_user_pass_reset() {
if ( wp_verify_nonce( $_POST['nonce'], 'ajax-forgot-nonce-reset' ) ) {
echo cj_change_user_password();
}
exit;
}
function cj_change_user_password() {
$params = $_POST;
$user = check_password_reset_key($params['key'], $params['login']);
// Check if key is valid
if ( is_wp_error($user) ) {
if ( $user->get_error_code() === 'expired_key' ){
$status = 'expiredkey' ;
}
else{
$status = 'invalidkey' ;
}
return $status;
}
// check if keys match
if ( isset($params['pass1']) && $params['pass1'] != $params['pass2'] ){
$status = 'mismatch';
}else{
$lowercase = preg_match('@[a-z]@', $params['pass1']);
$number = preg_match('@[0-9]@', $params['pass1']);
if( !$lowercase || !$number || strlen($params['pass1']) < 6) {
$status = 'notsafe';
return $status;
}
// Update the user pass
reset_password($user, $params['pass1']);
$status ='success';
}
return $status;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment