Invalid Key

Hi efishinsea,
Thanks for your message.

Are you including the link within other HTML? If so can you use the raw shortcode instead and see if that works.
If not, do you have any plugins that modify the behaviour of the WordPress login?
Also, are you running multisite?

Thanks,
Jack

This is a snippet of how I am using the code, with superflous instructions I’d like to get rid of:

<span style="color: #ff0000;"><strong>COPY & PASTE</strong> the URL directly into your browser to set your password.</span>

[password_url]

Once you have set up a password...

I did just look at the source of the delivered email though, and see the link (which is not an HTML link, but rather just the bare URL) is wrapped in <p> tags, presumably by WP. Since the email Notification composer uses the standard WP WYSIWYG I would assume this is ok.

I did try creating and sending the email as PLAIN TEXT from your plugin, but everything was still wrapped in <p> tags, which seems to be the problem. If I physically convert that message to plain text after it arrives, the link works again. So the question seems to be, how do we stop this email from being sent as HTML ? Further, why should that matter? A link is a link….

No, this isn’t multisite.

Yes, we are using WP-Security which alters the login page, but even if I turn that plugin off, the same “invalid key” failure happens.

The site is also cached with Cloudflare if that makes any difference.

Hi,
Thanks for the update and the extra info.

If it is the p tags, can you tick the checkbox below the WYSIWYG editor that says “Stop additional paragraph and line break HTML from being inserted into my notifications” and test in both HTML and plain text to see if that helps?

If it’s not that then I’d recommend making your way through this document to see if you’re able to narrow down the source of the problem.

Thanks,
Jack

I see no such checkbox under the WYSIWYG editor. Is there a version of the plugin beyond 1.4.1?

update 1:

I do notice that option does appear on some forms, but not all. I am using the “New User Registration” form, and the checkbox to remove extra P tags does not appear on this form.

update 2:

I tried setting that value on one form and then swapping the form type to “New User Registration” and saving it, which seemed to apply the removal of P tags. Nothing changed in my result though. What did happen is that along with P tags being removed from the email, newlines are also removed, so everything is crammed together in both HTML mode, as well as in Plain Text mode. And, the link still returns an “Invalid Key” error.

update 3:
Also, as I am thinking about this, there are some hidden fields on this form (“This notification doesn’t support additional email fields.”) that would be useful to use… I have a custom user type this notification is for, and I only want it to be triggered for that one user type. Is there a reason why you have those items hidden on this form type?

Hi efishinsea,
The checkbox may be in my copy which I’m going to push as an update later this month.
That might be why it’s not appearing for you yet.

The reason some fields are hidden are because WordPress doesn’t support them or they would pose a security risk – password reset links going to people other than the intended user, for example.

Are you able to post screenshots of the notification and the resulting email?
If I can’t see anything obvious with these then you might have to make your way through the document I linked to in my last reply.

Thanks,
Jack

All I am doing is sending out the “create a password” link to new users when they register. Everything works fine, other than the link that is sent out doesn’t work when you click on it.

The email source looks something like this:

Please copy & paste the link below into your browser to create your password. Logins and passwords are not transferable.

USERNAME: myusername

https://www.mydomain.com/wp-login.php?action=rp&key=xemtEePJFREHoWmqRAtm&login=myusername

Once you have set up a password, use it and your username to login to the Partner Portal here: https://www.mydomain.com/partner-portal/

I’ve gone through the doc you sent, with no luck. The only thing that works is pasting the link manually into the browser, as clicking on it returns the ‘invalid key’ error, and shows the wrong screen.

Hi efishinsea,
If the link works when copying and pasting it, it means there must be something be inserted into the link code itself.

Can you post the HTML of the link so I can take a look?

Thanks,
Jack

Send me a PM and I’ll send you an email with an account login to view. I can’t post it here.

Hi efishinsea,
I can’t provide that level of support via the free support forum I’m afraid.

Can you post the HTML as requested above or send a screenshot so that I can see what is contained in the email?

Thanks,
Jack

The HTML looks like I said it did in an earlier message:

Please copy & paste the link below into your browser to create your password. Logins and passwords are not transferable.

USERNAME: myusername

https://www.mydomain.com/wp-login.php?action=rp&key=xemtEePJFREHoWmqRAtm&login=myusername

Once you have set up a password, use it and your username to login to the Partner Portal here: https://www.mydomain.com/partner-portal/

Hi efishinsea,
Whilst that’s the text from the notification, it’s not the HTML.

If you view the RAW email in your email client, you should be able to see the HTML – can you please copy and paste that here or provide a screenshot?

If you can’t then you may have to make your way through this document to see if you’re able to narrow down the source of the problem that way.

Thanks,
Jack

Yes, I understand. That was the “HTML” from the email, which was a plaintext email, which also gives the same “invalid key” result.

Here’s another snippet of the same thing in one version of html, which also fails:

Please copy & paste the link below into your browser to create your password. Logins and passwords are not transferable.
<br/><br/>
USERNAME: myusername
<br/><br/>
https://www.mydomain.com/wp-login.php?action=rp&key=xemtEePJFREHoWmqRAtm&login=myusername
<br/><br/>
Once you have set up a password, use it and your username to login to the Partner Portal here: https://www.mydomain.com/partner

I’ve tried emails in HTML, in plaintext, etc. All fail.

If you want to test this for yourself, I can send you a user account, but will not do so via this public forum.

Hi efishinsea,
Have you tried another email client? I just wondered if it’s doing something odd to your emails.

As it works when you copy and paste the link into your web browser manually, it would suggest that BNFW is working correctly. I suspect something else may be affecting the link like the security settings on your web server or your email client.

Jack

Closing due to inactivity. If you need further help with this, please feel free to re-open this thread.