Make WordPress Core

Opened 6 weeks ago

Last modified 6 weeks ago

#58194 new defect (bug)

Users: Don't show 'Reset Password' link if password reset is not allowed

Reported by: ocean90's profile ocean90 Owned by:
Milestone: Future Release Priority: normal
Severity: normal Version: 5.7
Component: Users Keywords: good-first-bug has-patch
Focuses: administration Cc:


With the allow_password_reset filter it's possible to disallow a password reset per user. The value of this filter is not checked when adding the 'Reset Password' link to the list table actions added in #34281. In such cases you still get a "Password reset link sent." notice but no email is actually sent.

Relevant part in core:

Change History (3)

#1 @johnbillion
6 weeks ago

  • Keywords needs-patch added

This ticket was mentioned in PR #4389 on WordPress/wordpress-develop by Cshark1.

6 weeks ago

  • Keywords has-patch added; needs-patch removed

If the allow_password_reset filter is set to false, the admin panel still shows the Send Password reset, even though this does nothing. This PR adds a check to see if the filter is set to false and if it is set to false it does not show the button.


#3 @cshark
6 weeks ago

Without this patch, the Send password reset button appears for all the users, even though the user uty has this option disabled though the allow_password_reset filter.

With the patch, the option is not displayed for that user.

Note: See TracTickets for help on using tickets.