[wp-hackers] reset &send user pass
24-7 at gmx.net
Fri Feb 26 12:55:27 UTC 2010
On Thu, Feb 25, 2010 at 3:20 PM, Jeremy Visser <jeremy at visser.name> wrote:
> On 26/02/10 06:20, michael at mfields.org wrote:
>> K, As far as I know there is no way to accomplish this. The password
>> has been stored with one way encryption.
> Pretty sure that's now what the O.P. meant to say. Have a re-read:
@Jeremy: Yes, that´s what i tried to say :)
> K, I think you're just best off linking to:
> get_bloginfo('wpurl') . '/wp-login.php?action=lostpassword'
> Best not to reinvent the wheel when you don't have to. :)
My problem is, that i can´t simply send a mass e-mail to all users.
The people who are working on with the data have a custom,
trimmed UI. There they got a list of all users and need to reset
and resend the pass only to selected users. And the process needs
to be a "one click" sollution.
> If for some reason that doesn't work, I seem to remember doing a
> plugin for someone a long time ago that would basically simulate the
> password reset process on behalf of the user (using a randomly
> generated password) and then email the user the new password, but this
> has the disadvantage of the password existing in a plain text email
@Jared: Do you have a link for your plugin? I couldn´t find it on the web.
> If you (or your client, etc.) insists on going that route, you could
> probably look through the code for the methods that need to be called,
> etc., but sending them a link to the normal password reset process
> would certainly be a lot less work and better in terms of security.
I´m just trying to trigger what´s already in use and not just the
"do you want to reset"-mail from wp-login.php - line 108-183.
If i copy-paste the wp-login.php (line 185-234) code and populate
it with the right values, i *should* be able to resend it. (So it should
be of the same "security level" wp already provides with the way it
behaves.) My problem is, that i don´t see how to send the mail
(i think i´m routine-blinded or simply... stupid).
I hope you can point (or even push) me at the right thing.
Thanks a lot so far.
More information about the wp-hackers