#23874 closed defect (bug) (duplicate)
Multisite: forgot password link navigates to the primary domain not the current domain.
Reported by: | cullaloe | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 3.5.1 |
Component: | Multisite | Keywords: | |
Focuses: | Cc: |
Description (last modified by )
Users on subsites clicking "forgot password" link are directed to the network domain to reset their password. This causes confusion for users as they finish up on the network domain instead of the site they think they are registered on.
According to @Philly's post on http://www.s2member.com/forums/topic/login-widget-on-multisite/ this was introduced "Its a WordPress bug introduced [in 2011] in wp-includes/general-template.php". He offers the following modifications, which work nicely on my installation (3.5.1).
wp-includes/general-template.php:
function wp_lostpassword_url( $redirect = '' ) { $args = array( 'action' => 'lostpassword' ); if ( !empty($redirect) ) { $args['redirect_to'] = $redirect; } $lostpassword_url = add_query_arg( $args, network_site_url('wp-login.php', 'login') ); return apply_filters( 'lostpassword_url', $lostpassword_url, $redirect ); }
Should be
function wp_lostpassword_url( $redirect = '' ) { $args = array( 'action' => 'lostpassword' ); if ( !empty($redirect) ) { $args['redirect_to'] = $redirect; } $lostpassword_url = add_query_arg( $args, site_url('wp-login.php', 'login') ); return apply_filters( 'lostpassword_url', $lostpassword_url, $redirect ); }
Also WordPress is generating the incorrect email in wp-login.php
$message = __('Someone requested that the password be reset for the following account:') . "\r\n\r\n"; $message .= network_home_url( '/' ) . "\r\n\r\n"; $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n"; $message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n"; $message .= __('To reset your password, visit the following address:') . "\r\n\r\n"; $message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . ">\r\n";
should be
$message = __('Someone requested that the password be reset for the following account:') . "\r\n\r\n"; $message .= home_url( '/' ) . "\r\n\r\n"; $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n"; $message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n"; $message .= __('To reset your password, visit the following address:') . "\r\n\r\n"; $message .= '<' . site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . ">\r\n";
Change History (4)
Note: See
TracTickets for help on using
tickets.
I think this is a duplicate of #21352