[wp-hackers] reset &send user pass

24/7 24-7 at gmx.net
Fri Feb 26 12:55:27 UTC 2010


On Thu, Feb 25, 2010 at 3:20 PM, Jeremy Visser <jeremy at visser.name> wrote:
>
> On 26/02/10 06:20, michael at mfields.org wrote:
>> K, As far as I know there is no way to accomplish this. The password
>> has been stored with one way encryption.
>
> Pretty sure that's now what the O.P. meant to say. Have a re-read:

@Jeremy: Yes, that´s what i tried to say :)

> K, I think you're just best off linking to:
>
>  get_bloginfo('wpurl') . '/wp-login.php?action=lostpassword'
>
> Best not to reinvent the wheel when you don't have to. :)

My problem is, that i can´t simply send a mass e-mail to all users.
The people who are working on with the data have a custom,
trimmed UI. There they got a list of all users and need to reset
and resend the pass only to selected users. And the process needs
to be a "one click" sollution.

> If for some reason that doesn't work, I seem to remember doing a
> plugin for someone a long time ago that would basically simulate the
> password reset process on behalf of the user (using a randomly
> generated password) and then email the user the new password, but this
> has the disadvantage of the password existing in a plain text email
> message.

@Jared: Do you have a link for your plugin? I couldn´t find it on the web.

> If you (or your client, etc.) insists on going that route, you could
> probably look through the code for the methods that need to be called,
> etc., but sending them a link to the normal password reset process
> would certainly be a lot less work and better in terms of security.

I´m just trying to trigger what´s already in use and not just the 
"do you want to reset"-mail from wp-login.php - line 108-183. 
If i copy-paste the wp-login.php (line 185-234) code and populate 
it with the right values, i *should* be able to resend it. (So it should 
be of the same "security level" wp already provides with the way it 
behaves.) My problem is, that i don´t see how to send the mail 
(i think i´m routine-blinded or simply... stupid). 

I hope you can point (or even push) me at the right thing.
Thanks a lot so far.

-K.

------------------------
Franz Kaiser
Vienna (Austria)




More information about the wp-hackers mailing list