Programmer puzzle solving

    最新消息:Welcome to the puzzle paradise for programmers! Here, a well-designed puzzle awaits you. From code logic puzzles to algorithmic challenges, each level is closely centered on the programmer's expertise and skills. Whether you're a novice programmer or an experienced tech guru, you'll find your own challenges on this site. In the process of solving puzzles, you can not only exercise your thinking skills, but also deepen your understanding and application of programming knowledge. Come to start this puzzle journey full of wisdom and challenges, with many programmers to compete with each other and show your programming wisdom! Translated with DeepL.com (free version)
    你的位置: HOME>matter>woocommerce offtopic - password_reset doesnt work

    woocommerce offtopic - password_reset doesnt work

    matteradmin6PV0评论

    Im trying to use $_POST method after password reset submit action here is the code

    add_action( 'after_password_reset', 'action_function', 10, 2 );
function action_function( $user, $new_pass ){
    if (isset( $_POST['password_1'] ) ) {
        update_user_meta($user->ID, 'user_pass2', password_hash($_POST['password_1'], PASSWORD_DEFAULT));
    }
}

    however it doest get fired

    any tip?

    also the reason I need the password is using for another app credentials for example the following code shows how I use $_POST during profile_update

    function my_profile_update( $user_id ) {
    // password changed...
    if ( ! is_admin() && isset( $_POST['password_1'] ) ) {
        update_user_meta($user_id, 'user_pass2', password_hash($_POST['password_1'], PASSWORD_DEFAULT));
        global $wpdb;
        global $current_user;
        $script_db = new wpdb('db', 'pass', 'user', 'localhost');
        get_currentuserinfo();
        $email = (string) $current_user->user_email;
        $password = (string)  get_user_meta( $current_user->ID, 'user_pass2', true );;
        $query   = $script_db->prepare( "SELECT * FROM {$script_db->prefix}np_users WHERE email = %s", $email );
        $results = $script_db->get_results($query);
        if(count( $results ) > 0) {
            $id = $results[0]->id;
            $script_db->update('np_users', array(
            'password' => $password
            ),array('id'=>$id));
        }
    }

}
add_action( 'profile_update', 'my_profile_update' );

    Im trying to use $_POST method after password reset submit action here is the code

    add_action( 'after_password_reset', 'action_function', 10, 2 );
function action_function( $user, $new_pass ){
    if (isset( $_POST['password_1'] ) ) {
        update_user_meta($user->ID, 'user_pass2', password_hash($_POST['password_1'], PASSWORD_DEFAULT));
    }
}

    however it doest get fired

    any tip?

    also the reason I need the password is using for another app credentials for example the following code shows how I use $_POST during profile_update

    function my_profile_update( $user_id ) {
    // password changed...
    if ( ! is_admin() && isset( $_POST['password_1'] ) ) {
        update_user_meta($user_id, 'user_pass2', password_hash($_POST['password_1'], PASSWORD_DEFAULT));
        global $wpdb;
        global $current_user;
        $script_db = new wpdb('db', 'pass', 'user', 'localhost');
        get_currentuserinfo();
        $email = (string) $current_user->user_email;
        $password = (string)  get_user_meta( $current_user->ID, 'user_pass2', true );;
        $query   = $script_db->prepare( "SELECT * FROM {$script_db->prefix}np_users WHERE email = %s", $email );
        $results = $script_db->get_results($query);
        if(count( $results ) > 0) {
            $id = $results[0]->id;
            $script_db->update('np_users', array(
            'password' => $password
            ),array('id'=>$id));
        }
    }

}
add_action( 'profile_update', 'my_profile_update' );
    • woocommerce-offtopic
    • hooks
    • actions
    • password
    Share Improve this question edited Mar 31, 2019 at 19:20 zEn feeLo asked Mar 31, 2019 at 17:38 zEn feeLozEn feeLo 2073 silver badges18 bronze badges 2
    • I dont want to store the raw format, I have another app installed on subdomain which use different format of hashing the password , I should store the credentials to use it for registration the user in db (writing after purchasing some packages) so I dont want to do anything stupid regarding to passwords – zEn feeLo Commented Mar 31, 2019 at 18:57
    • I updated the question please check – zEn feeLo Commented Mar 31, 2019 at 19:01
    Add a comment  | 

    1 Answer 1

    Reset to default 1

    You shouldn't use these hooks for that. If you wan't to use the same password for some other app, then it's crucial, that the password will always be the same.

    So the best way will be to make sure it will be always true. How? By taking care of that.

    WordPress uses wp_set_password function every time the password is changed. There are no hooks inside of it (https://core.trac.wordpress/browser/tags/5.1.1/src/wp-includes/pluggable.php#L0), but it's pluggable - so you can write your own version of it. So do it:

    function wp_set_password( $password, $user_id ) {
    // Keep original WP code
    global $wpdb;

    $hash = wp_hash_password( $password );
    $wpdb->update(
        $wpdb->users,
        array(
            'user_pass'           => $hash,
            'user_activation_key' => '',
        ),
        array( 'ID' => $user_id )
    );

    wp_cache_delete( $user_id, 'users' );

    // and now add your own
    $script_db = new wpdb('db', 'pass', 'user', 'localhost');

    $custom_hash = password_hash( $password, PASSWORD_DEFAULT );
    $userdata = get_userdata( $user_id );

    $script_db->update(
        'np_users',
        array( 'password' => $custom_hash ),
        array( 'email' => $userdata->user_email )
    );
}

    This way the password will always be synchronized. (For example your code would break the passwords if admin changed the password for user).

    You also don't have to store second hash as user meta. And it performs less queries - you don't have to select user by email and then update the password using his ID - you can just run the update.

    All you need to do is to put that function in your plugin.

    Articles related to this article

    Post a comment

    comment list (0)

    1. No comments so far