WordPress Create Own Forget Password Page

WordPress Custom Forgot Password Page, we need to use the same page for forgot password as well. Here is the jquery function and also we are going to give id to play with both forms.

<script src=”<?php echo get_template_directory_uri();?>/assets/js/jquery-1.11.2.js”></script>        <script>         $(document).ready(function(){               $(‘#forgot_password’).hide();                              $(‘#forgot-password’).on(‘click’, function(e) {                       e.preventDefault();                                          $(‘#forgot_password’).show();                       $(‘#login-form’).hide();               });               $(‘#already_id’).on(‘click’, function(e) {                       e.preventDefault();                                          $(‘#forgot_password’).hide();                       $(‘#login-form’).show();               });                });             </script>


Now, Let’s see the form.

<form action=”<?php echo “http://”.$_SERVER[“SERVER_NAME”].$_SERVER[‘REQUEST_URI’]; ?>” method=”post” >        <div class=”form-group input-group”>               <span class=”input-group-addon”>E-Mail or Username </span>               <input type=”text” name=”emailToreceive” class=”form-control” placeholder=”Username” required />        </div>         <div class=”form-group”>                <span class=”pull-right”>                       <a href id=”already_id” > Back to Login? </a>                </span>        </div>        <input type=”hidden” name=”forgot_pass_Sbumit” value=”wb_yes” >        <input type=”submit” class=”btn btn-primary” value=”Get Password” >  </form>

The above form will be our reset form. Let’s write the php handler code for this form .

if(isset($_POST[‘forgot_pass_Sbumit’])) {      //Here our code….}

Now, we need to get the variable value and format it.

 if ( isset($_POST[’emailToreceive’]) && empty($_POST[’emailToreceive’]) )        $errors[‘userName’] = __(“<strong>ERROR</strong>: Username/e-mail Shouldn’t be blank.”); else{        $emailToreceive = $_POST[’emailToreceive’];         $user_input = esc_sql(trim($emailToreceive));}

Check what the user entered the email or his/her password:

if ( strpos($user_input, ‘@’) ) {        $user_data = get_user_by( ’email’, $user_input );         if(empty($user_data) ) {               $errors[‘invalid_email’] = ‘Invalid E-mail address!’;         }} else {        $user_data = get_user_by( ’email’, $user_input );         if(empty($user_data) ) {                $errors[‘invalid_usename’] = ‘Invalid Username!’;         }}

The User entered Input Validated here, if its not original, than we will show them an error. Otherwise, we will continue the below one.

if(empty($errors)) {         if(wb_forgot_password_reset_email($user_data->user_email)) {                $success[‘reset_email’] = “We have sent you an email with Password reset information.”;        } else {                $errors[’emailError’] = “Email failed to send for unknown reason.”;         }   }

Now you can place this function on your theme ‘functions.php’ or plugin root file.

function wb_forgot_password_reset_email($user_input) {        global $wpdb;         $user_data = get_user_by( ’email’, $user_input );         $user_login = $user_data->user_login;        $user_email = $user_data->user_email;         $key = $wpdb->get_var(“SELECT user_activation_key FROM $wpdb->users WHERE user_login ='”.$user_login.”‘”);        if(empty($key)) {        //generate reset key               $key = wp_generate_password(20, false);               $wpdb->update($wpdb->users, array(‘user_activation_key’ => $key), array(‘user_login’ => $user_login));        }         $message = __(‘Someone requested that the password be reset for the following account:’) . “<br><br><br>”;        $message .= get_option(‘siteurl’) . “<br><br>”;        $message .= sprintf(__(‘Username: %s’), $user_login) . “<br><br><br>”;        $message .= __(‘If this was a error, just ignore this email.’) . “<br><br>”;        $message .= __(‘To reset your password, visit the following address:’) . “<br><br>”;        $message .= ‘<a href=”‘.tg_validate_url() . “action=reset_pwd&key=$key&login=” . rawurlencode($user_login) . ‘” > ‘.tg_validate_url() . “action=reset_pwd&key=$key&login=” . rawurlencode($user_login) .”</a><br><br>”;         if ( $message && !wp_mail($user_email, ‘Password Reset Request’, $message) ) {        $msg = false ;         }        else $msg = true;          return $msg ; }

Now, the reset email sent to user and creates a new password. We will write the below code on the same rest login page.

if(isset($_GET[‘key’]) && $_GET[‘action’] == “reset_pwd”) {          $reset_key = $_GET[‘key’];        $user_login = $_GET[‘login’];        $user_data = $wpdb->get_row(“SELECT ID, user_login, user_email FROM $wpdb->users WHERE user_activation_key = ‘”.$reset_key.”‘ AND user_login = ‘”. $user_login.”‘”);        $user_login = $user_data->user_login;        $user_email = $user_data->user_email;        if(!empty($reset_key) && !empty($user_data)) {               if ( wb_rest_setting_password($reset_key, $user_login, $user_email, $user_data->ID) ) {                       $errors[’emailError’] = “Email failed to sent for some unknown reason”;                 }               else {                       $redirect_to = get_site_url().”/login?action=reset_success”;                       wp_safe_redirect($redirect_to);                       exit();               }        }        else exit(‘Not a Valid Key.’);  }

From the above code, we have a calling function, which will handle the new password generation and it will email to the requested user. Let’s see the function code:

function wb_rest_setting_password($reset_key, $user_login, $user_email, $ID) {         $new_password = wp_generate_password(7, false); //you can change the number 7 to whatever length needed for the new password         wp_set_password( $new_password, $ID ); //mailing the reset details to the user         $message = __(‘Your new password for the account at:’) . “<br><br>”;         $message .= get_bloginfo(‘name’) . “<br><br>”;         $message .= sprintf(__(‘Username: %s’), $user_login) . “<br><br>”;        $message .= sprintf(__(‘Password: %s’), $new_password) . “<br><br>”;         $message .= __(‘You can now login with your new password at: ‘).'<a href=”‘.get_option(‘siteurl’).”/login” .'” >’ . get_option(‘siteurl’).”/login” . “</a> <br><br>”;         if ( $message && !wp_mail($user_email, ‘Your New Password to login into eimams’, $message) ) {                $msg = false;          } else {                $msg = true;                 $redirect_to = get_site_url().”/login?action=reset_success”;                wp_safe_redirect($redirect_to);                exit();        }          return $msg; }


Leave a Reply