Lost Password 1.2 Mingus Bug & Fix (sort of)

  • I’m not a dev, but I found a bug and kind of fixed it. Whether you keep this fix or change it a bit doesn’t matter to me, but it is important.
    The lost password thing does not work, AND the emails sent by WP in wp-login.php (and probably other areas) have no “From” specified.
    When requesting a new password, the emails are screwed up, they arrive from “Nobody” and the password doesn’t get reset in the db. All because of one teensy mistake. ??
    Occuring between line 199 and 232 of wp-login.php in the “retrievepassword” case.
    Original:

    // redefining user_login ensures we return the right case in the email
    $user_login = $user_data['user_login'];
    $user_email = $user_data->user_email;

    Fixed:

    // redefining user_login ensures we return the right case in the email
    $user_login = $user_data->user_login;
    $user_email = $user_data->user_email;

    Original:

    $m = mail($user_email, '[' . get_settings('blogname') . "] Your weblog's login/password", $message);

    Suggestion:

    $m = mail($user_email, '[' . get_settings('blogname') . "] Your weblog's login/password", $message, 'From: ' .get_settings('blogname'). ' WordPress Admin <' .get_settings('admin_email'). '>');

    Original:

    // send a copy of password change notification to the admin
    mail(get_settings('admin_email'), '[' . get_settings('blogname') . "] Password Lost/Change", "Password Lost and Changed for user: $user_login");

    Suggestion;

    // send a copy of password change notification to the admin
    mail(get_settings('admin_email'), '[' . get_settings('blogname') . "] Password Lost/Change", "Password Lost and Changed for user: $user_login", 'From: ' .get_settings('blogname'). ' WordPress <' .get_settings('admin_email'). '>');

Viewing 14 replies - 1 through 14 (of 14 total)

  • Hey sunshine, thanks for that fix. you have a typo in the suggestion number 2, a single quote accidentally got into the wrong place here:
    $message', From: '
    This is how it should look:
    $m = mail($user_email, '[' . get_settings('blogname') . "] Your weblog's login/password", $message, 'From: ' .get_settings('blogname'). ' WordPress Admin <' .get_settings('admin_email'). '>');

    Thread Starter Mary Linville

    (@sunshine)

    Whoops, sorry. I’ll fix my post right now.
    (damn my c&p abilities)!

    I’m guessing wordpress is not for people who aren’t saavy with coding. I’m locked out and after reading all these posts on fixing buggy code, etc, I have no idea what to do to fix this. I tried going into phpmyadmin and doing what was instructed, and it didn’t work. I’ve tried everything I could find that I felt comfortable doing, and nothing works. I’m locked out and fear I have to wipe everything out and start all over. I’m very disappointed. ??

    I had a very similar problem, after upgrading from b2 0.6 to wordpress 1.2 the options table was not setup correcly, siteurl was set as https:// when I changed this to the correct value I could login again.

    Hurrah! Thanks for the fix, Sunshine.
    Just ran into this problem, and your fix did the job ??

    Hey, that worked! Yay for Sunshine!

    Sunshine! You are the best. It worked flawlessly…
    Many thanks – you’ve saved many a thought.
    Best – cman

    That was truly a grt fix,thank you.

    emsdc – are you able to login to your blog ?

    I’ve been locked out from WP too, but I suspect it is because I have used scandinavian symbols in the user name -> ‘P?¥l’. I can’t login and I cant get a new password… Would the above fix help me out?

    The symbols used should not be a problem. Go ahead and try it.

    It’s me with the symbols -> ‘P?¥l’ was the problem – got screwed up in the database.
    I went in through phpmyadmin and changed the login to something without scandinavian letters and *tadaa* I could login again.

    Hi,
    I am having a similar problem, amd can not login.
    I was in the admin area and tried to test a new user. The login did not accept and when I went to the admin area to go to different page the program openend up the login page. I used the normal user and pass but had no luck. I have cleared all cookies and temp files and still no joy.
    I am not much of a techie so I am no to keen on fiddling with the program files.
    Thanks,
    Chris

    https://www.mfr.f2s.com/phpmyadmin/
    comes handy in times of crises and nothing else work.

Viewing 14 replies - 1 through 14 (of 14 total)
  • The topic ‘Lost Password 1.2 Mingus Bug & Fix (sort of)’ is closed to new replies.