科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

    最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客
    你的位置: 首页>programmer>woocommerce offtopic - password_reset doesnt work

    woocommerce offtopic - password_reset doesnt work

    programmeradmin1浏览0评论

    Im trying to use $_POST method after password reset submit action here is the code

    add_action( 'after_password_reset', 'action_function', 10, 2 );
function action_function( $user, $new_pass ){
    if (isset( $_POST['password_1'] ) ) {
        update_user_meta($user->ID, 'user_pass2', password_hash($_POST['password_1'], PASSWORD_DEFAULT));
    }
}

    however it doest get fired

    any tip?

    also the reason I need the password is using for another app credentials for example the following code shows how I use $_POST during profile_update

    function my_profile_update( $user_id ) {
    // password changed...
    if ( ! is_admin() && isset( $_POST['password_1'] ) ) {
        update_user_meta($user_id, 'user_pass2', password_hash($_POST['password_1'], PASSWORD_DEFAULT));
        global $wpdb;
        global $current_user;
        $script_db = new wpdb('db', 'pass', 'user', 'localhost');
        get_currentuserinfo();
        $email = (string) $current_user->user_email;
        $password = (string)  get_user_meta( $current_user->ID, 'user_pass2', true );;
        $query   = $script_db->prepare( "SELECT * FROM {$script_db->prefix}np_users WHERE email = %s", $email );
        $results = $script_db->get_results($query);
        if(count( $results ) > 0) {
            $id = $results[0]->id;
            $script_db->update('np_users', array(
            'password' => $password
            ),array('id'=>$id));
        }
    }

}
add_action( 'profile_update', 'my_profile_update' );

    Im trying to use $_POST method after password reset submit action here is the code

    add_action( 'after_password_reset', 'action_function', 10, 2 );
function action_function( $user, $new_pass ){
    if (isset( $_POST['password_1'] ) ) {
        update_user_meta($user->ID, 'user_pass2', password_hash($_POST['password_1'], PASSWORD_DEFAULT));
    }
}

    however it doest get fired

    any tip?

    also the reason I need the password is using for another app credentials for example the following code shows how I use $_POST during profile_update

    function my_profile_update( $user_id ) {
    // password changed...
    if ( ! is_admin() && isset( $_POST['password_1'] ) ) {
        update_user_meta($user_id, 'user_pass2', password_hash($_POST['password_1'], PASSWORD_DEFAULT));
        global $wpdb;
        global $current_user;
        $script_db = new wpdb('db', 'pass', 'user', 'localhost');
        get_currentuserinfo();
        $email = (string) $current_user->user_email;
        $password = (string)  get_user_meta( $current_user->ID, 'user_pass2', true );;
        $query   = $script_db->prepare( "SELECT * FROM {$script_db->prefix}np_users WHERE email = %s", $email );
        $results = $script_db->get_results($query);
        if(count( $results ) > 0) {
            $id = $results[0]->id;
            $script_db->update('np_users', array(
            'password' => $password
            ),array('id'=>$id));
        }
    }

}
add_action( 'profile_update', 'my_profile_update' );
    • woocommerce-offtopic
    • hooks
    • actions
    • password
    Share Improve this question edited Mar 31, 2019 at 19:20 zEn feeLo asked Mar 31, 2019 at 17:38 zEn feeLozEn feeLo 2073 silver badges18 bronze badges 2
    • I dont want to store the raw format, I have another app installed on subdomain which use different format of hashing the password , I should store the credentials to use it for registration the user in db (writing after purchasing some packages) so I dont want to do anything stupid regarding to passwords – zEn feeLo Commented Mar 31, 2019 at 18:57
    • I updated the question please check – zEn feeLo Commented Mar 31, 2019 at 19:01
    Add a comment  | 

    1 Answer 1

    Reset to default 1

    You shouldn't use these hooks for that. If you wan't to use the same password for some other app, then it's crucial, that the password will always be the same.

    So the best way will be to make sure it will be always true. How? By taking care of that.

    WordPress uses wp_set_password function every time the password is changed. There are no hooks inside of it (https://core.trac.wordpress/browser/tags/5.1.1/src/wp-includes/pluggable.php#L0), but it's pluggable - so you can write your own version of it. So do it:

    function wp_set_password( $password, $user_id ) {
    // Keep original WP code
    global $wpdb;

    $hash = wp_hash_password( $password );
    $wpdb->update(
        $wpdb->users,
        array(
            'user_pass'           => $hash,
            'user_activation_key' => '',
        ),
        array( 'ID' => $user_id )
    );

    wp_cache_delete( $user_id, 'users' );

    // and now add your own
    $script_db = new wpdb('db', 'pass', 'user', 'localhost');

    $custom_hash = password_hash( $password, PASSWORD_DEFAULT );
    $userdata = get_userdata( $user_id );

    $script_db->update(
        'np_users',
        array( 'password' => $custom_hash ),
        array( 'email' => $userdata->user_email )
    );
}

    This way the password will always be synchronized. (For example your code would break the passwords if admin changed the password for user).

    You also don't have to store second hash as user meta. And it performs less queries - you don't have to select user by email and then update the password using his ID - you can just run the update.

    All you need to do is to put that function in your plugin.

    与本文相关的文章

    发布评论

    评论列表(0)

    1. 暂无评论