To set your password, visit the following address:

When people register they have already typed in their password twice, but then they receive an email that says "To set your password, visit the following address: <https://christiangayschat.com/chatlogin?action=rp&key=vWl29QoosbmWk3jcVBvq&login=mary>

Also, people are randomly getting emails telling them to reset their password.

It's confusing the heck out of everyone. How do we stop these emails?

Thanks!

  • Ash

    Hello @Mary

    I hope you are doing good.

    Please try the following code:

    function wp_new_user_notification( $user_id, $deprecated = null, $notify = '' ) {
        if ( $deprecated !== null ) {
                _deprecated_argument( __FUNCTION__, '4.3.1' );
        }
    
        global $wpdb, $wp_hasher;
        $user = get_userdata( $user_id );
    
        // The blogname option is escaped with esc_html on the way into the database in sanitize_option
        // we want to reverse this for the plain text arena of emails.
        $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
    
        $message  = sprintf(__('New user registration on your site %s:'), $blogname) . "\r\n\r\n";
        $message .= sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n";
        $message .= sprintf(__('Email: %s'), $user->user_email) . "\r\n";
    
        @wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message);
    
        // <code>$deprecated was pre-4.3</code>$plaintext_pass<code>. An empty</code>$plaintext_pass
    didn't sent a user notifcation.
    if ( 'admin' === $notify || ( empty( $deprecated ) && empty( $notify ) ) ) {
    return;
    }

    // Generate something random for a password reset key.
    $key = wp_generate_password( 20, false );

    /** This action is documented in wp-login.php */
    do_action( 'retrieve_password_key', $user->user_login, $key );

    // Now insert the key, hashed, into the DB.
    if ( empty( $wp_hasher ) ) {
    require_once ABSPATH . WPINC . '/class-phpass.php';
    $wp_hasher = new PasswordHash( 8, true );
    }
    $hashed = time() . ':' . $wp_hasher->HashPassword( $key );
    $wpdb->update( $wpdb->users, array( 'user_activation_key' => $hashed ), array( 'user_login' => $user->user_login ) );

    }
    `

    You can add those codes in your functions.php in the theme, if you think your theme won’t be changed. Otherwise mu-plugins is the best solution. To use mu-plugins, go to /wp-content/ and find the folder with name 'mu-plugins'. If there is no folder in that name, then create a folder, name it 'mu-plugins', create a file inside that, give any name you like and paste the code in there. You don't need to activate that plugin. Mu-plugins means must use plugins, so it will be activated automatically always. If you use mu-plugins then add a php start tag at the beginning of the code.

    Hope it helps :slight_smile: Please feel free to ask more question if you have any.

    Cheers
    Ash

  • Ash

    Hi @Mary

    Sorry, my code above is messed up. Please try the following:

    function wp_new_user_notification( $user_id, $deprecated = null, $notify = '' ) {
    	if ( $deprecated !== null ) {
    		_deprecated_argument( __FUNCTION__, '4.3.1' );
    	}
    
    	global $wpdb, $wp_hasher;
    	$user = get_userdata( $user_id );
    
    	// The blogname option is escaped with esc_html on the way into the database in sanitize_option
    	// we want to reverse this for the plain text arena of emails.
    	$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
    
    	$message  = sprintf(__('New user registration on your site %s:'), $blogname) . "\r\n\r\n";
    	$message .= sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n";
    	$message .= sprintf(__('Email: %s'), $user->user_email) . "\r\n";
    
    	@wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message);
    
    	if ( 'admin' === $notify || ( empty( $deprecated ) && empty( $notify ) ) ) {
    		return;
    	}
    
    	// Generate something random for a password reset key.
    	$key = wp_generate_password( 20, false );
    
    	/** This action is documented in wp-login.php */
    	do_action( 'retrieve_password_key', $user->user_login, $key );
    
    	// Now insert the key, hashed, into the DB.
    	if ( empty( $wp_hasher ) ) {
    		require_once ABSPATH . WPINC . '/class-phpass.php';
    		$wp_hasher = new PasswordHash( 8, true );
    	}
    	$hashed = time() . ':' . $wp_hasher->HashPassword( $key );
    	$wpdb->update( $wpdb->users, array( 'user_activation_key' => $hashed ), array( 'user_login' => $user->user_login ) );
    }

    Hope it helps :slight_smile: Please feel free to ask more question if you have any.

    Cheers
    Ash

  • Ash

    Hi Mary

    Please try to use this code in mu-plugins.

    To use mu-plugins, go to /wp-content/ and find the folder with name 'mu-plugins'. If there is no folder in that name, then create a folder, name it 'mu-plugins', create a file inside that, give any name you like and paste the code in there. You don't need to activate that plugin. Mu-plugins means must use plugins, so it will be activated automatically always. If you use mu-plugins then add a php start tag at the beginning of the code.

    Please let me know if it works.

    Cheers
    Ash

  • Ash

    Hi @Mary

    I can't check it via site admin, I will need cpanel or ftp to check that.

    Would you please send me cpanel login or ftp login details?

    To send me details, please use our contact form: https://premium.wpmudev.org/contact/

    Select: I have a different question
    Subject: Attn-Ash (this ensures that it will be assigned to me)
    Details:
    1. Send all requested details
    2. Send a link of this thread so that I can track
    3. Send any other relevant link

    I will be happy to take a look :slight_smile:

    Cheers
    Ash

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.