#28316 closed defect (bug) (fixed)
Resetting Password via wp_set_password in functions.php creates reset loop
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | 4.0 | Priority: | normal |
Severity: | normal | Version: | 3.8 |
Component: | Login and Registration | Keywords: | |
Focuses: | docs, administration | Cc: |
Description
This is an extreme edge case, but here's the story.
One of the directions on resetting your passwords involves using wp_set_password(): https://codex.wordpress.org/Resetting_Your_Password#Through_FTP
The wp_set_password part works great, user added it to functions.php, password was reset. The PROBLEM is that they couldn't log in.
- After you then are able to login, make sure to go back and remove that code.
It will reset your password on every page load until you do.
The password was resetting on every page load, which meant they'd log in, the password would reset, and they'd be logged out and sent back to the login page with no error message. You just got a loop. The fix was to set the password in functions, refresh a page, DELETE that line, and go back in.
I believe this is related to changes made in how we allow for in-line logins on wp-admin, as when I tested by being logged in and changing the password via wp_set_password and also in the DB. When I did that, I was prompted by WP to log in again.
Change History (5)
#4
@
10 years ago
- Keywords needs-codex removed
- Milestone changed from Awaiting Review to 4.0
- Resolution set to fixed
- Status changed from new to closed
Updated the Codex: http://codex.wordpress.org/Function_Reference/wp_set_password#Examples
Also preempted the inevitable adding of a note to the PHPDoc when the Codex page is redirected in [29461].
I think we should just update the Codex page to suggest this instead of trying to log in without removing the code.