我试图在配置文件下创建更改密码的自定义页面。当我存储/更新新的用户密码(已经更改为哈希值)时,它将自动注销。新密码可用于再次登录。有没有办法在不登出的情况下更新用户密码?我想避免使用插件…下面是我的代码:-
<form method='post' action='changepassword'>
<div class='mypageMyDetailsBox'>
<span class='titleSub'>Password</span>
<table width='90%' align="center">
<tr>
<td width='40%'>Current Password</td>
<td width='60%'><input type='text' name='currentpassword' size='70'></td>
</tr>
<tr>
<td>New Password</td>
<td><input type='text' name='newpassword' size='70'></td>
</tr>
<tr>
<td>Confirm New Password</td>
<td><input type='text' name='confirmpassword' size='70'></td>
</tr>
</table>
</div>
</div>
<div align='center'>
<input type='submit' name='submit_update' value='Update' class='subUpt'>
</div>
</form>
<?php
if (isset($_POST['submit_update'])) {
$currentpassword = $_POST['currentpassword'];
$newpassword = $_POST['newpassword'];
require_once ABSPATH . 'wp-includes/class-phpass.php';
$wp_hasher = new PasswordHash( 8, true );
$user_info = get_userdata($currentUserID);
$user_pass = $user_info->user_pass;
if($wp_hasher->CheckPassword($currentpassword, $user_pass)) {
$passhash = wp_hash_password($newpassword);
$upd = $wpdb->query("UPDATE wp_users SET user_pass = '".$passhash."' WHERE ID = ".$currentUserID." LIMIT 1");
if ($upd) {
//Success
}
} else {
//Password not match
}
}
?>
提前感谢。
您应该尝试使用wp_set_password,而不是直接使用WP_Query。虽然我没有专门测试过,但它应该更新密码,而不需要您退出并重新登录。
编辑:问题是cookie变得无效。您需要使用wp_set_auth_cookie来设置/重置cookie。试着添加这个:
if(!is_wp_error($update))
{
wp_cache_delete($user_ID,'users');
wp_cache_delete($user->user_login,'userlogins');
wp_logout();
if (wp_signon(array('user_login'=>$user->user_login,'user_password'=>$_POST['admin_pass1']),false)):
wp_redirect(admin_url());
endif;
ob_start();
}else{
wp_set_auth_cookie( $current_user_id, true);
}
这对我来说不起作用,所以我把这个贴出来供将来参考:
wp_set_password($_POST['new_password'], $user_id);
$current_user = wp_signon(array('user_login' => $user_login, 'user_password' => $_POST['new_password']));
在wordpress 5.5.1上工作的完整更改密码自定义页面
这个控制:- 验证用户输入
- 提供关于用户输入的基本消息
- 修改密码
- 更改密码后不注销
<?php
global $wp;
$current_slug = add_query_arg( array(), $wp->request );
$full_path=add_query_arg( $wp->query_vars, home_url( $wp->request ) );
if (isset($_POST['submit_update'])) {
$currentpassword = $_POST['currentpassword'];
$newpassword = $_POST['newpassword'];
$confirmpassword = $_POST['confirmpassword'];
$empty_new_pw = empty($newpassword) || empty($confirmpassword);
require_once ABSPATH . 'wp-includes/class-phpass.php';
$wp_hasher = new PasswordHash( 8, true );
$user = wp_get_current_user();
$password_changed_ok = false;
$invalid_password = false;
$passwords_dont_match = ($newpassword != $confirmpassword);
//$newpasswordhash = wp_hash_password($currentpassword);
if ($passwords_dont_match || $empty_new_pw) {
// empty on purpose
} else if ( wp_check_password( $currentpassword, $user->user_pass, $user->ID ) ) {
wp_set_password($newpassword, $user->ID);
$userid=$user->ID;
// $user = wp_signon(array('user_login' => $user->user_login, 'user_password' => $newpassword));
$userdata['ID'] = $userid; //user ID
$userdata['user_pass'] = $newpassword;
wp_update_user( $userdata );
$password_changed_ok = true;
} else {
$invalid_password = true;
}
}
?>
<form method='post' action='/<?php print("$full_path"); ?>'>
<div class='mypageMyDetailsBox'>
<?php if ($password_changed_ok): ?>
<span class='titleSub'>Hasło zmienione poprawnie!</span>
<?php else: ?>
<span class='titleSub'>Zmień hasło</span>
<?php endif ?>
<br/>
<table width='90%' align="center">
<tr>
<td width='40%'>Aktualne hasło</td>
<td width='60%'><input type='password' name='currentpassword' size='70'>
<?php if ($invalid_password): ?>
Niepoprawne hasło
<?php endif ?>
</td>
</tr>
<tr>
<td>New Password</td>
<td><input type='password' name='newpassword' size='70'>
<?php if ($empty_new_pw): ?>
Wpisz nowe hasło
<?php endif ?>
</td>
</tr>
<tr>
<td>Confirm New Password</td>
<td><input type='password' name='confirmpassword' size='70'>
<?php if ($passwords_dont_match): ?>
Hasła się nie zgadzają
<?php endif ?>
<?php if ($empty_new_pw): ?>
Wpisz nowe hasło powtórnie
<?php endif ?>
</td>
</tr>
</table>
</div>
</div>
<div align='center'>
<input type='submit' name='submit_update' value='Update' class='subUpt'>
</div>
</form>