data->ID, 'user_status' ) ){ $retMessage = ''. __('ERROR', 'profile-builder') . ': ' . __('Your account has to be confirmed by an administrator before you can use the "Password Reset" feature.', 'profile-builder'); $retMessage = apply_filters('wppb_recover_password_unapporved_user', $retMessage); $messageNo = '6'; } } return array( $retMessage, $messageNo ); } /** * Function that retrieves the unique user key from the database. If we don't have one we generate one and add it to the database * * @param string $requested_user_login the user login * */ function wppb_retrieve_activation_key( $requested_user_login ){ global $wpdb; $key = $wpdb->get_var( $wpdb->prepare( "SELECT user_activation_key FROM $wpdb->users WHERE user_login = %s", $requested_user_login ) ); if ( empty( $key ) ) { // Generate something random for a key... $key = wp_generate_password( 20, false ); do_action('wppb_retrieve_password_key', $requested_user_login, $key); // Now insert the new md5 key into the db $wpdb->update($wpdb->users, array('user_activation_key' => $key), array('user_login' => $requested_user_login)); } return $key; } /** * Function that creates a generate new password form * * @param array $post_data $_POST * */ function wppb_create_recover_password_form( $user, $post_data ){ ?>

" value="" />

ID, 'password_recovery_nonce_field2' ); ?>
' . __( 'Please enter your username or email address.', 'profile-builder' ); $recover_notification .= '
'.__( 'You will receive a link to create a new password via email.', 'profile-builder' ).'

'; echo apply_filters( 'wppb_recover_password_message1', $recover_notification ); $username_email = ( isset( $post_data['username_email'] ) ? $post_data['username_email'] : '' ); $username_email_label = __( 'Username or E-mail', 'profile-builder' ); $recover_input = ''; echo apply_filters( 'wppb_recover_password_generate_password_input', $recover_input, trim( $username_email ) ); ?>

get_results( $wpdb->prepare( "SELECT * FROM $wpdb->users WHERE user_login= %s", $postedData ) ); if( !empty( $query[0] ) ){ $postedData = $query[0]->user_email; } } else{ $message = __( 'The username entered wasn\'t found in the database!', 'profile-builder').'
'.__('Please check that you entered the correct username.', 'profile-builder' ); $message = apply_filters( 'wppb_recover_password_sent_message4', $message ); $messageNo = '4'; } } // we should have an email by this point if ( is_email( $postedData ) ){ if ( email_exists( $postedData ) ){ $retVal = wppb_check_for_unapproved_user($postedData, 'user_email'); if ($retVal[0] != ''){ $message = $retVal[0]; $messageNo = $retVal [1]; }else{ $message = sprintf( __( 'Check your e-mail for the confirmation link.', 'profile-builder'), $postedData ); $message = apply_filters( 'wppb_recover_password_sent_message1', $message, $postedData ); $messageNo = '1'; } }elseif ( !email_exists( $postedData ) ){ $message = __('The email address entered wasn\'t found in the database!', 'profile-builder').'
'.__('Please check that you entered the correct email address.', 'profile-builder'); $message = apply_filters('wppb_recover_password_sent_message2', $message); $messageNo = '2'; } } // For some extra validations you can filter messageNo $messageNo = apply_filters( 'wppb_recover_password_message_no', $messageNo ); if( $messageNo == '1' ) { //verify e-mail validity $query = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $wpdb->users WHERE user_email= %s", sanitize_email( $postedData ) ) ); if( !empty( $query[0] ) ){ $requestedUserID = $query[0]->ID; $requestedUserLogin = $query[0]->user_login; $requestedUserEmail = $query[0]->user_email; $requestedUserNicename = $query[0]->user_nicename; if( $wppb_generalSettings['loginWith'] == 'username' || $wppb_generalSettings['loginWith'] == 'usernameemail' ) $display_username_email = $query[0]->user_login; else $display_username_email = $query[0]->user_email; //search if there is already an activation key present, if not create one $key = wppb_retrieve_activation_key( $requestedUserLogin ); //send primary email message $recoveruserMailMessage1 = sprintf( __('Someone requested that the password be reset for the following account: %1$s
If this was a mistake, just ignore this email and nothing will happen.
To reset your password, visit the following link:%2$s', 'profile-builder'), $display_username_email, ''.esc_url( add_query_arg( array( 'loginName' => $requestedUserNicename, 'key' => $key ), wppb_curpageurl() ) ).''); $recoveruserMailMessage1 = apply_filters( 'wppb_recover_password_message_content_sent_to_user1', $recoveruserMailMessage1, $requestedUserID, $requestedUserLogin, $requestedUserEmail ); $recoveruserMailMessageTitle1 = sprintf(__('Password Reset from "%1$s"', 'profile-builder'), $blogname = get_option('blogname') ); $recoveruserMailMessageTitle1 = apply_filters('wppb_recover_password_message_title_sent_to_user1', $recoveruserMailMessageTitle1, $requestedUserLogin); //send mail to the user notifying him of the reset request if (trim($recoveruserMailMessageTitle1) != ''){ $sent = wppb_mail($requestedUserEmail, $recoveruserMailMessageTitle1, $recoveruserMailMessage1); if ($sent === false){ $message = ''. __( 'ERROR', 'profile-builder' ) .': ' . sprintf( __( 'There was an error while trying to send the activation link to %1$s!', 'profile-builder' ), $postedData ); $message = apply_filters( 'wppb_recover_password_sent_message_error_sending', $message ); $messageNo = '5'; } } } } } // If the user used the correct key-code, update his/her password elseif ( 'POST' == $_SERVER['REQUEST_METHOD'] && !empty( $_POST['action2'] ) && $_POST['action2'] == 'recover_password2' && wp_verify_nonce( $_POST['password_recovery_nonce_field2'], 'verify_true_password_recovery2_'.absint( $_POST['userData'] ) ) ) { if( ( $_POST['passw1'] == $_POST['passw2'] ) && ( !empty( $_POST['passw1'] ) && !empty( $_POST['passw2'] ) ) ){ if( !empty( $wppb_generalSettings['minimum_password_length'] ) || ( isset( $_POST['wppb_password_strength'] ) && !empty( $wppb_generalSettings['minimum_password_strength'] ) ) ){ $message2 = ''; if( wppb_check_password_length( $_POST['passw1'] ) ){ $message2 .= '
' . sprintf( __( "The password must have the minimum length of %s characters", "profile-builder" ), $wppb_generalSettings['minimum_password_length'] ) . '
'; $messageNo2 = '2'; } if( wppb_check_password_strength() ){ $message2 .= '
'. sprintf( __( "The password must have a minimum strength of %s", "profile-builder" ), wppb_check_password_strength() ); $messageNo2 = '2'; } } if( $messageNo2 != 2 ){ $message2 = __( 'Your password has been successfully changed!', 'profile-builder' ); $messageNo2 = '1'; $userID = absint( $_POST['userData'] ); $new_pass = $_POST['passw1']; //update the new password and delete the key do_action( 'wppb_password_reset', $userID, $new_pass ); wp_set_password( $new_pass, $userID ); $user_info = get_userdata( $userID ); if( $wppb_generalSettings['loginWith'] == 'username' || $wppb_generalSettings['loginWith'] == 'usernameemail' ) $display_username_email = $user_info->user_login; else $display_username_email = $user_info->user_email; //send secondary mail to the user containing the username and the new password $recoveruserMailMessage2 = sprintf( __( 'You have successfully reset your password to: %1$s', 'profile-builder' ), $new_pass ); $recoveruserMailMessage2 = apply_filters( 'wppb_recover_password_message_content_sent_to_user2', $recoveruserMailMessage2, $display_username_email, $new_pass, $userID ); $recoveruserMailMessageTitle2 = sprintf( __('Password Successfully Reset for %1$s on "%2$s"', 'profile-builder' ), $display_username_email, $blogname = get_option('blogname') ); $recoveruserMailMessageTitle2 = apply_filters( 'wppb_recover_password_message_title_sent_to_user2', $recoveruserMailMessageTitle2, $display_username_email ); //send mail to the user notifying him of the reset request if ( trim( $recoveruserMailMessageTitle2 ) != '' ) wppb_mail( $user_info->user_email, $recoveruserMailMessageTitle2, $recoveruserMailMessage2 ); //send email to admin $recoveradminMailMessage = sprintf( __( '%1$s has requested a password change via the password reset feature.
His/her new password is:%2$s', 'profile-builder' ), $display_username_email, $_POST['passw1'] ); $recoveradminMailMessage = apply_filters( 'wppb_recover_password_message_content_sent_to_admin', $recoveradminMailMessage, $display_username_email, $_POST['passw1'], $userID ); $recoveradminMailMessageTitle = sprintf( __( 'Password Successfully Reset for %1$s on "%2$s"', 'profile-builder' ), $display_username_email, $blogname = get_option('blogname'), ENT_QUOTES ); $recoveradminMailMessageTitle = apply_filters( 'wppb_recover_password_message_title_sent_to_admin', $recoveradminMailMessageTitle, $display_username_email ); //we disable the feature to send the admin a notification mail but can be still used using filters $recoveradminMailMessageTitle = ''; $recoveradminMailMessageTitle = apply_filters( 'wppb_recover_password_message_title_sent_to_admin', $recoveradminMailMessageTitle, $display_username_email ); //send mail to the admin notifying him of of a user with a password reset request if (trim($recoveradminMailMessageTitle) != '') wppb_mail(get_option('admin_email'), $recoveradminMailMessageTitle, $recoveradminMailMessage); } } else{ $message2 = __( 'The entered passwords don\'t match!', 'profile-builder' ); $messageNo2 = '2'; } } ?>
get_row( $wpdb->prepare( "SELECT * FROM $wpdb->users WHERE user_activation_key = %s AND user_nicename = %s", $key, $login_nicename ) ); if( !empty( $user ) ){ //check if the "finalAction" variable is not in the address bar, if it is, don't display the form anymore if( isset( $_GET['finalAction'] ) && ( $_GET['finalAction'] == 'yes' ) ){ if( $messageNo2 == '2' ){ echo apply_filters( 'wppb_recover_password_password_changed_message2', '

'.$message2.'

', $message2 ); wppb_create_recover_password_form( $user, $_POST ); }elseif( $messageNo2 == '1' ) echo apply_filters( 'wppb_recover_password_password_changed_message1', '

'.$message2.'

', $message2 ); }else{ wppb_create_recover_password_form( $user, $_POST ); } }else{ if( $messageNo2 == '1' ) { // CHECK FOR REDIRECT $redirect_url = wppb_get_redirect_url( 'normal', 'after_success_password_reset', '', sanitize_user( $_GET['loginName'] ) ); $redirect_delay = apply_filters( 'wppb_success_password_reset_redirect_delay', 3, sanitize_user( $_GET['loginName'] ) ); $redirect_message = wppb_build_redirect( $redirect_url, $redirect_delay, 'after_success_password_reset' ); echo apply_filters( 'wppb_recover_password_password_changed_message1', '

' . $message2 . '

', $message2 ); if( isset( $redirect_message ) && ! empty( $redirect_message ) ) { echo '

' . $redirect_message . '

'; } } elseif( $messageNo2 == '2' ) echo apply_filters( 'wppb_recover_password_password_changed_message2', '

'.$message2.'

', $message2 ); else echo apply_filters( 'wppb_recover_password_invalid_key_message', '

'.__( 'ERROR:', 'profile-builder' ).''.__( 'Invalid key!', 'profile-builder' ).'

' ); } }else{ //display error message and the form if (($messageNo == '') || ($messageNo == '2') || ($messageNo == '4')){ if( !empty( $message ) ) echo apply_filters( 'wppb_recover_password_displayed_message1', '

'.$message.'

' ); wppb_create_generate_password_form( $_POST ); }elseif (($messageNo == '5') || ($messageNo == '6')) echo apply_filters( 'wppb_recover_password_displayed_message1', '

'.$message.'

' ); else echo apply_filters( 'wppb_recover_password_displayed_message2', '

'.$message.'

' ); //display success message } // use this action hook to add extra content after the password recovery form. do_action( 'wppb_after_recover_password_fields' ); ?>