Hi
I’ve installed the plugin but when I try and ‘Activate’ it I get the following error message:
“Fatal error: Cannot redeclare wp_check_password() (previously declared in /var/sites/etc/pluggable.php:2089) in /var/sites/etc/plugins/wp-password-bcrypt-master/wp-password-bcrypt.php on line 44”
URL above is modified
I know that the plugin obviously should work and so it might be a host problem like it says in the description. However I Googled and found this:
“if (!function_exists(‘thefunction’)) {
// … proceed to declare the function
}”
Which I’ve tried to work into the code but without success as I’m designer really, but I’m not sure that would work anyway.
Please could you advise me as to what the error means and how to fix it, and whether it is anything I should be speaking to my hosting provider about.
Best regards
Craig T
]]>A few weeks back WordPress automatically upgraded to 4.3. Shortly after the upgrade, it was discovered that password reset links always returned an invalid key error. Searching the internet for fixes didn’t turn anything up. Certain folk had the same issue, but their issue arose from plugins that were not installed in our server.
First off I setup a VM to host a replica of our production server. Then I started with the obvious by deactivating plugins one by one till I found the culprit. Our culprit happened to be wp-bcrypt plugin. Once wp-bcrypt was deactivated, password reset links were valid again. I then reactivated the plugin.
Next I started delving into the WordPress code to figure out the password reset process. Mainly I was interested in where the password reset key was being stored. Wanted to see what was getting into the database. Turns out table wp_users column user_activation_key is the spot. So I logged into MySQL and queried for the user_activation_key for the user whose password was reset. Before the reset, the value was empty. After the reset, the value was empty:( Went to check the WordPress debug log (which was enabled), but found none. Thus an error didn’t occur or if it did, was ignored. In order to debug further, I turned on the MySQL query log. Then went through the password reset process again. MySQL’s query log did not output a UPDATE statement. Hmmm…..
Then it hit me all of a sudden. In earlier readings, I had found out that in 4.3 a timestamp and semi-colon were being appended to the hashed password reset key for the purposes of password reset key expiration. Before 4.3 bcrypted password reset keys were working, but now they weren’t. So an addition of extra stuff stops things working, it must be related to size. Of course, the database column isn’t big enough to store the timestamp, semi-colon and bcrypted password reset key! I increased the size of table wp_users column user_activation_key to varchar(80). Now every single password reset key is valid.
Hope this helps you in your travails!
]]>Hi,
Is there a way to tell if this plugin is actually working. I’m new to the mechanics of hashing and would like to make sure my passwords are using bcrypt. Thanks.
]]>