From f7f0498adcd60255df474d24a852db7672d93a1b Mon Sep 17 00:00:00 2001 From: Sapayth Hossain Date: Fri, 2 Feb 2024 16:33:34 +0600 Subject: [PATCH 1/2] fix: reset password not working --- includes/Free/Simple_Login.php | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/includes/Free/Simple_Login.php b/includes/Free/Simple_Login.php index 26674dd05..550469284 100644 --- a/includes/Free/Simple_Login.php +++ b/includes/Free/Simple_Login.php @@ -4,6 +4,8 @@ use WeDevs\Wpuf\Render_Form; use WeDevs\Wpuf\WPUF_User; +use WP_Error; +use WP_User; /** * Login and forgot password handler class @@ -157,7 +159,7 @@ public function validate_custom_fields( $user, $password ) { if ( $recaptcha === 'on' ) { if ( isset( $_REQUEST['g-recaptcha-response'] ) ) { if ( empty( $_REQUEST['g-recaptcha-response'] ) ) { - $user = new \WP_Error( 'WPUFLoginCaptchaError', 'Empty reCaptcha Field.' ); + $user = new WP_Error( 'WPUFLoginCaptchaError', 'Empty reCaptcha Field.' ); } else { $no_captcha = 1; $invisible_captcha = 0; @@ -425,7 +427,7 @@ public function process_login() { $pwd = isset( $_POST['pwd'] ) ? trim( $_POST['pwd'] ) : ''; // $g_recaptcha_response = isset( $_POST['g-recaptcha-response'] ) ? sanitize_text_field( wp_unslash( $_POST['g-recaptcha-response'] ) ) : ''; - $validation_error = new \WP_Error(); + $validation_error = new WP_Error(); $validation_error = apply_filters( 'wpuf_process_login_errors', $validation_error, $log, $pwd ); if ( $validation_error->get_error_code() ) { @@ -623,8 +625,11 @@ public function process_reset_password() { // process lost password form if ( isset( $_POST['user_login'] ) && isset( $_POST['_wpnonce'] ) ) { - $nonce = sanitize_key( wp_unslash( $_POST['_wpnonce'] ) ); - wp_verify_nonce( $nonce, 'wpuf_lost_pass' ); + $nonce = ! empty( $_POST['_wpnonce'] ) ? sanitize_key( wp_unslash( $_POST['_wpnonce'] ) ) : ''; + + if ( ! empty( $nonce) && ! wp_verify_nonce( $nonce, 'wpuf_lost_pass' ) ) { + return ; + } if ( $this->retrieve_password() ) { $url = add_query_arg( @@ -655,8 +660,6 @@ public function process_reset_password() { $args['key'] = $key; $args['login'] = $login; - wp_verify_nonce( $nonce, 'wpuf_reset_pass' ); - if ( empty( $pass1 ) || empty( $pass2 ) ) { $this->login_errors[] = __( 'Please enter your password.', 'wp-user-frontend' ); @@ -669,7 +672,7 @@ public function process_reset_password() { return; } - $errors = new \WP_Error(); + $errors = new WP_Error(); do_action( 'validate_password_reset', $errors, $user ); @@ -784,7 +787,7 @@ public function successfully_authenticate( $user, $username, $password ) { if ( ! is_wp_error( $user ) ) { if ( $user->ID ) { $resend_link = add_query_arg( 'resend_activation', $user->ID, $this->get_login_url() ); - $error = new \WP_Error(); + $error = new WP_Error(); $wpuf_user = new WPUF_User( $user->ID ); if ( ! $wpuf_user->is_verified() ) { @@ -916,10 +919,10 @@ public function activation_user_registration() { * * @since 2.2 * - * @return \WP_Error + * @return WP_Error */ public function user_activation_message() { - return new \WP_Error( 'user-activated', __( 'Your account has been activated', 'wp-user-frontend' ), 'message' ); + return new WP_Error( 'user-activated', __( 'Your account has been activated', 'wp-user-frontend' ), 'message' ); } public function wp_login_page_redirect() { From 807902a4b0a976dd11ee111eed3150afe3c3ef18 Mon Sep 17 00:00:00 2001 From: Sapayth Hossain Date: Mon, 5 Feb 2024 17:25:26 +0600 Subject: [PATCH 2/2] show message to check email for reseting password --- includes/Free/Simple_Login.php | 4 ++++ templates/login-form.php | 6 ++++-- templates/lost-pass-form.php | 6 ++++-- templates/reset-pass-form.php | 6 ++++-- 4 files changed, 16 insertions(+), 6 deletions(-) diff --git a/includes/Free/Simple_Login.php b/includes/Free/Simple_Login.php index 550469284..bb4270886 100644 --- a/includes/Free/Simple_Login.php +++ b/includes/Free/Simple_Login.php @@ -361,6 +361,10 @@ public function login_form() { case 'lostpassword': $checkemail = isset( $getdata['checkemail'] ) ? sanitize_text_field( $getdata['checkemail'] ) : ''; + if ( $this->login_errors ) { + wpuf_load_template( 'lost-pass-form.php', $args ); + break; + } if ( 'confirm' === $checkemail ) { $this->messages[] = __( 'Check your e-mail for the confirmation link.', 'wp-user-frontend' ); } diff --git a/templates/login-form.php b/templates/login-form.php index 2dfc7a37e..c23aaacb1 100644 --- a/templates/login-form.php +++ b/templates/login-form.php @@ -15,8 +15,10 @@ } ?> - frontend->simple_login->show_errors(); ?> - frontend->simple_login->show_messages(); ?> + frontend->simple_login->show_errors(); + wpuf()->frontend->simple_login->show_messages(); + ?>