New users email not sending password

Ok, I found the real fix. The problem is that with the new WordPress system, the password isn’t emailed to you. You get a “hash” code that is randomly generated, and you use that to send someone to a password reset (in this case it’s really a password set) page. So, the fix is to send the user a link to set their password rather than trying to send them a password. Below is the code to fix it.

Look for the line of code that starts with:
$user_message = str_replace('[user_password]'

Replace that entire line (including the part after what I pasted above) with this:

// Generate a key.
				$key = wp_generate_password( 20, false );

				do_action( 'retrieve_password_key', $user_login, $key );

				// Now insert the key, hashed, into the DB.
				if ( empty( $wp_hasher ) ) {
					require_once ABSPATH . WPINC . '/class-phpass.php';
					$wp_hasher = new PasswordHash( 8, true );
				}

				$hashed = time() . ':' . $wp_hasher->HashPassword( $key );
				$wpdb->update( $wpdb->users, array( 'user_activation_key' => $hashed ), array( 'user_login' => $user_login ) );

				$user_message = str_replace('[user_password]', '<a href="'.network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login').'" target="_blank">click to set</a>', $user_message);

Thanks Pennycan. It’s not as easy as just replacing this but you’re on the right track. I’ve included something similar which works fine but I need to maintain backwards compatibility for other plugins. I also need to make it work with systems that set the password as part of the Reg process. I think an amalgamation of the two solutions is best. I’ll get a release out later today.

thanks
Sean

Thanks Sean! My solution was intended to help those with configurations similar to mine, but now I understand your compatibility considerations. Great work on this, and I’m looking forward to the update.

Sean, Pennycan, thanks a stack for all your efforts!
Waiting eagerly for the new release.

I have released a new version. This release doesn’t include the bodges from the previous page but does include something that looks similar to Pennycan’s submission above. I’ve made a few other changes to aid the transition and fixed the forgot password functionality also.

Let me know what happens once you’ve given it a test

thanks
Sean

Hi excuse my ignorance. Do I have to uninstall the plugin and reinstall it? No update notifications are showing in WP for this plugin so not quite sure what to do here.

It’s V4.3 you need. What version is it saying you have?

ta
S

I’ve got version 4.3.

Thanks,
Donovan

A simple test to see if you have the latest version. Visit the settings page within my plugin and see if there is a banner at the top explaining about the WP4.3 issues. If the banner is there then you have the latest version. if it’s not then you don’t. I believe I increased the version number enough to cause the upgrade banner to show on yours (and everyone else’s) installs but will wait and see. Not had any other feedback just yet

ta
S

Thank Sean,

There’s no banner on the settings page. It does however say “Version 4.3” on the plugins page. Does the upgrade notification take some time to render before it’s available to us? I’ll give it till tomorrow and see what becomes available. Unless you advise otherwise?

Cheers,
D

Sean,

Thanks for the fix, upgrade available in WP. All sorted now! Appreciate all the effort you made in getting this up so promptly after your holidays!

Cheers,
D

No problem at all. Thanks for sticking by ??

Confirmed – works well. Thanks for being responsive Sean.

So I don’t understand, how can I include the user password in the email?

You can’t. WP changed the way that it works now so it’s not possible. I can write in a custom option to look in the POST array for a password but it wouldn’t be as simple as some users here might have suggested. A work in progress I think.

ta
S