When using the Wordpress password retrieval function and the reset password link in the new user registration email, Wordpress prompts "Your password reset link is invalid, please request a new link below.", "The key appears to be invalid", "invalid key ".
This is actually not a problem with wordpress. After the email receives the email, it will use the password reset link address and the "<>" before and after it as the link address to generate a hyperlink. After clicking this hyperlink, the parameters passed to wordpress are incorrect ( There is more >), for example, move the mouse to the connection in the red box in the figure below, and see the URL prompting the connection in the lower left corner of the browser, you will find that there is an extra ">", so the wordpress prompts that the password reset link is invalid.
This problem mainly affects the password retrieval function when the password is forgotten and the password setting function sent by the system to the new user when the new user registers. This issue can be resolved with the following two steps:
- Solve the prompt "Your password reset link is invalid" when retrieving your password:
Open wp-login.php in the WP root directory and find the following code (about line 374):
$message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . ">\r\n";
$message .= network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . "\r\n";
That is, remove the two angle brackets.
- When a new user registers, click the reset password link in the email and it prompts "Your password reset link is invalid":
Open /wp-includes/pluggable.php in the WP installation directory and find the following code (about 1741 lines):
$message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user->user_login), 'login') . ">\r\n\r\n";
change into:
$message .= network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user->user_login), 'login') . "\r\n\r\n";
After the above modification, the password reset email received by the user and the password setting email received by the new user will no longer contain "<>", and the user can reset or set the password normally after clicking the link in the email. The above modification involves the modification of the Wordpress source code. After each upgrade of Wordpress, the modification will be overwritten, and the above modification must be made again.
Another solution: add the following code to the functions.php of the current theme.
/**
* Fixed "Sorry, the key seems to be invalid" when WordPress retrieves the password
*/
function reset_password_message( $message, $key ) {
if ( strpos($_POST['user_login'], '@') ) {
$user_data = get_user_by('email', trim($_POST['user_login']));
} else {
$login = trim($_POST['user_login']);
$user_data = get_user_by('login', $login);
}
$user_login = $user_data->user_login;
$msg = __('Someone asked to reset the password of the following account:'). "\r\n\r\n";
$msg .= network_site_url() . "\r\n\r\n";
$msg .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
$msg .= __('If this is not what you asked for, please ignore this email and it will be business as usual.') . "\r\n\r\n";
$msg .= __('To reset your password, open the link below:'). "\r\n\r\n";
$msg .= network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') ;
return $msg;
}
add_filter('retrieve_password_message', reset_password_message, null, 2);
The disadvantage of this method is that every time you change the theme, you have to re-add the code to the theme's function.php file.
Original link: https://www.cnblogs.com/liudecai/p/6474611.html