WORDPRESS 新用户注册邮件链接提示「您的密码重设链接无效」

  • A+
所属分类:wp教程

这BUG从3版本至今愣是没人修复……位置在:/wp-includes/pluggable.php,将对应代码改为如下:

$message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user->user_login), 'login') . "\r\n\r\n";

4.9.1 版本下的无痛修复方法:

未经测试,理论可行,慎用。于  functions.php 添加:

if ( ! function_exists( 'wp_new_user_notification_fixed' ) ) :
 function wp_send_new_user_notifications_fixed( $user_id, $notify = 'both' ) {
 wp_new_user_notification_fixed( $user_id, null, $notify );
 }
endif;
if ( ! function_exists( 'wp_new_user_notification_fixed' ) ) :
 function wp_new_user_notification_fixed( $user_id, $deprecated = null, $notify = '' ) {
 if ( $deprecated !== null ) {
 _deprecated_argument( __FUNCTION__, '4.3.1' );
 }
 global $wpdb, $wp_hasher;
 $user = get_userdata( $user_id );
 // The blogname option is escaped with esc_html on the way into the database in sanitize_option
 // we want to reverse this for the plain text arena of emails.
 $blogname = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES );
 if ( 'user' !== $notify ) {
 $switched_locale = switch_to_locale( get_locale() );
 /* translators: %s: site title */
 $message = sprintf( __( 'New user registration on your site %s:' ), $blogname ) . "\r\n\r\n";
 /* translators: %s: user login */
 $message .= sprintf( __( 'Username: %s' ), $user->user_login ) . "\r\n\r\n";
 /* translators: %s: user email address */
 $message .= sprintf( __( 'Email: %s' ), $user->user_email ) . "\r\n";
 $wp_new_user_notification_email_admin = array(
 'to'      => get_option( 'admin_email' ),
 /* translators: Password change notification email subject. %s: Site title */
 'subject' => __( '[%s] New User Registration' ),
 'message' => $message,
 'headers' => '',
 );
 $wp_new_user_notification_email_admin = apply_filters( 'wp_new_user_notification_email_admin', $wp_new_user_notification_email_admin, $user, $blogname );
 @wp_mail(
 $wp_new_user_notification_email_admin['to'],
 wp_specialchars_decode( sprintf( $wp_new_user_notification_email_admin['subject'], $blogname ) ),
 $wp_new_user_notification_email_admin['message'],
 $wp_new_user_notification_email_admin['headers']
 );
 if ( $switched_locale ) {
 restore_previous_locale();
 }
 }
 // `$deprecated was pre-4.3 `$plaintext_pass`. An empty `$plaintext_pass` didn't sent a user notification.
 if ( 'admin' === $notify || ( empty( $deprecated ) && empty( $notify ) ) ) {
 return;
 }
 // Generate something random for a password reset key.
 $key = wp_generate_password( 20, false );
 /** This action is documented in wp-login.php */
 do_action( 'retrieve_password_key', $user->user_login, $key );
 // Now insert the key, hashed, into the DB.
 if ( empty( $wp_hasher ) ) {
 require_once ABSPATH . WPINC . '/class-phpass.php';
 $wp_hasher = new PasswordHash( 8, true );
 }
 $hashed = time() . ':' . $wp_hasher->HashPassword( $key );
 $wpdb->update( $wpdb->users, array( 'user_activation_key' => $hashed ), array( 'user_login' => $user->user_login ) );
 $switched_locale = switch_to_locale( get_user_locale( $user ) );
 /* translators: %s: user login */
 $message  = sprintf( __( 'Username: %s' ), $user->user_login ) . "\r\n\r\n";
 $message .= __( 'To set your password, visit the following address:' ) . "\r\n\r\n";
 $message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user->user_login), 'login') . "\r\n\r\n";
 $message .= wp_login_url() . "\r\n";
 $wp_new_user_notification_email = array(
 'to'      => $user->user_email,
 /* translators: Password change notification email subject. %s: Site title */
 'subject' => __( '[%s] Your username and password info' ),
 'message' => $message,
 'headers' => '',
 );
 $wp_new_user_notification_email = apply_filters( 'wp_new_user_notification_email', $wp_new_user_notification_email, $user, $blogname );
 wp_mail(
 $wp_new_user_notification_email['to'],
 wp_specialchars_decode( sprintf( $wp_new_user_notification_email['subject'], $blogname ) ),
 $wp_new_user_notification_email['message'],
 $wp_new_user_notification_email['headers']
 );
 if ( $switched_locale ) {
 restore_previous_locale();
 }
 }
endif;
 
remove_action( 'register_new_user', 'wp_send_new_user_notifications' );
remove_action( 'edit_user_created_user', 'wp_send_new_user_notifications', 10, 2 );
remove_action( 'network_user_new_created_user', 'wp_send_new_user_notifications' );
remove_action( 'network_site_new_created_user',   'wp_send_new_user_notifications' );
remove_action( 'network_site_users_created_user', 'wp_send_new_user_notifications' );
add_action( 'register_new_user',      'wp_send_new_user_notifications_fixed' );
add_action( 'edit_user_created_user', 'wp_send_new_user_notifications_fixed', 10, 2 );
add_action( 'network_site_new_created_user',   'wp_send_new_user_notifications_fixed' );
add_action( 'network_site_users_created_user', 'wp_send_new_user_notifications_fixed' );
add_action( 'network_user_new_created_user',   'wp_send_new_user_notifications_fixed' );

另重置密码也出现了同样的问题,不过早有办法解决。位于主题目录 functions.php  添加:

/**
 * 修复 WordPress 找回密码提示“抱歉,该key似乎无效”
 * https://www.sjblog.top/2116.html
 */
function reset_password_message( $message, $key ) {
 if ( strpos($_POST['user_login'], '@') ) {
 $user_data = get_user_by('email', trim($_POST['user_login']));
 } else {
 $login = trim($_POST['user_login']);
 $user_data = get_user_by('login', $login);
 }
 $user_login = $user_data->user_login;
 $msg = __('有人要求重设如下帐号的密码:'). "\r\n\r\n";
 $msg .= network_site_url() . "\r\n\r\n";
 $msg .= sprintf(__('用户名:%s'), $user_login) . "\r\n\r\n";
 $msg .= __('若这不是您本人要求的,请忽略本邮件,一切如常。') . "\r\n\r\n";
 $msg .= __('要重置您的密码,请打开下面的链接:'). "\r\n\r\n";
 $msg .= network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') ;
 return $msg;
}
add_filter('retrieve_password_message', reset_password_message, null, 2);

 

weinxin
我的微信
这是我的微信扫一扫
SJ

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: