How do I create a password reset link?

I have the registration workflow set so that my user have to fill out a gravity forms user registration form and then activate their account via a link in an email. The email link sends them to a page that tells the user whether their registration has been successful or a failure. Up on success, I would like my users to click on a password reset link on the activation success page to set their password. I keep getting an invalid link message when I construct the reset link. How do I do construct a valid password reset link?? Here is what I have so far:

?php

global $gw_activate_template;

extract( $gw_activate_template-result );

$url = is_multisite() ? get_blogaddress_by_id( (int) $blog_id ) : home_url('', 'http');
$user = new WP_User( (int) $user_id );

?

h2?php _e('Your account is now active!'); ?/h2

div id="signup-welcome"
    pspan class="h3"?php _e('Username:'); ?/span ?php echo $user-user_login ?/p

pTo set your password, select the following link:  a href="http://example.com/wp-login.php?action=rpkey=?php echo $gw_activate_template-get_activation_key(); ?login=?php echo $user-user_login; ?" http://example.com/wp-login.php?action=rpamp;key=?php echo $gw_activate_template-get_activation_key(); ?amp;login=?php echo $user-user_login; ?/a/p
/div

?php if ( $url != network_home_url('', 'http') ) : ?
    p class="view"?php printf( __('Your account is now activated. a href="%1$s"View the site/a or a href="%2$s"Log in/a'), $url, $url . 'wp-login.php' ); ?/p
?php else: ?
p class="view"?php printf( __('Your account is now activated. a href="%1$s"Log in/a or go back to the a href="%2$s"homepage/a.' ), network_site_url('wp-login.php', 'login'), network_home_url() ); ?/p
?php endif; ?

Topic reset password user-registration Wordpress

Category Web

1
answered at

After much research, I finally turned to examining the WordPress core file wp_login.php hoping that WP would show how they do it in a non-obtuse manner. From the information around line 331 (WP 4.6.1), I put together the following code.

<?php

global $gw_activate_template;

extract( $gw_activate_template->result );

$url = is_multisite() ? get_blogaddress_by_id( (int) $blog_id ) : home_url('', 'http');
$user = new WP_User( (int) $user_id );

$adt_rp_key = get_password_reset_key( $user );
$user_login = $user->user_login;
$rp_link = '<a href="' . network_site_url("wp-login.php?action=rp&key=$adt_rp_key&login=" . rawurlencode($user_login), 'login') . '">' . network_site_url("wp-login.php?action=rp&key=$adt_rp_key&login=" . rawurlencode($user_login), 'login') . '</a>';

if ( is_wp_error( $key ) ) {
    return $key;
}

?>

<h2><?php _e('Your account is now active!'); ?></h2>

<div id="signup-welcome">
    <p><span class="h3"><?php _e('Username:'); ?></span> <?php echo $user->user_login ?></p>
    <p>To set your password, select the following link: <?php echo $rp_link; ?></p>
</div>

The important thing to constructing the link is the key that is put together by get_password_reset_key( $user ); This is a key that is stored in the database which allows the $user to have its password changed. I saw a website that refers to it as a cookie; however this is using a loose definition of "cookie" because nothing is stored on the users computer. The key is stored in the database and linked to the user account.

1
answered at

I am not sure what link are you trying to build and how it ties to specifics of Gravity Forms (questions about which are better aimed at them :)

In native WP case the API method to produce lost password link is generated like this wp_lostpassword_url( home_url() ) (redirect argument optional) and resulting URL has following format: http://example.com/wp-login.php?action=lostpassword&redirect_to=http://example.com.

About

Geeks Mental is a community that publishes articles and tutorials about Web, Android, Data Science, new techniques and Linux security.