[buddypress-dev] changing your user password via BuddyPress

David J. Bisset dbisset at dimensionmedia.com
Sun Aug 10 20:08:00 GMT 2008

Hey all,

I was looking for a way to change your user login password WITHOUT  
going into wp-admin backend in the spirit of the BuddyPress template.

This is a ROUGH way of doing it (editing the core) but it seems to  
work. If anyone has suggestions for how to make this work without  
editting the core i'm all ears. Or maybe this can be a future addition.

What i did was simply create a profile group "advanced" with a textbox  
"desired password". Then I edited bp-xprofile.php around line 300  
after the IF statement (if($post_field_string != null)).

if ($group->id == 2 and $group->fields[$j]->id == 24) { // this is the  
password-update box, located in the advanced(2) group
									$ID = (int) $userdata->ID;

									// First, get all of the original fields
									$user = get_userdata($ID);

									// Escape data pulled from DB.
									$user = add_magic_quotes(get_object_vars($user));

									// If password is changing, hash it now.
									if ( ! empty($profile_data->value) ) {
										$plaintext_pass = $profile_data->value;
										$userdata->user_pass = wp_hash_password($profile_data->value);

									// Merge old and new fields with new fields overwriting old ones.
									$userdata = array_merge($user, $userdata);
									$user_id = wp_insert_user($userdata);

The reason why i'm not using wp's own function (wp_update_user) to  
change the data (which is where this code is actually being pulled) is  
because the wp_update_user attempts to clear/reset cookies and that  
causes header redirect errors because this is being doing in the  
middle of rendering the BuddyPress template page.

Like I said, this is rough but so far works. There are better ways and  
i'm open to hearing them.

David Bisset
Director of Web Development
Dimension Media, Inc.

More information about the buddypress-dev mailing list