I'm stuck. I am doing a redirection from the approve post function to the link that establishes the password. This works, but it does not take the user. that is, open the page of reset password but I see the error that the user was not designated.
am I calling the variable wrong? Thanks in advance.
add_action('init', 'approve_post', 10, 2 );
add_action('edit_user_created_user', 'approve_post', 10, 2 );
function approve_post($user, $notify) {
if ( isset($_GET['approve']) && isset($_GET['email']) ) {
// have we all variable needed?
if ( empty($_GET['approve']) || ! filter_var($_GET['email'], FILTER_VALIDATE_EMAIL) ) return;
// get post
$post = get_post($_GET['approve']);
// this post has an author?
if ( ! isset($post->post_author) ) return;
// is the post already published?
if ( $post->post_status == 'publish' ) {
wp_redirect("" . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . "");
exit();
} elseif ( $post->post_status != 'pending' ) { // was the post deleted by admin?
return;
}
// get the author
$author = new WP_User($post->post_author);
// check author variable
if ( ! isset($author->user_email) ) return;
// verify email
if ( $_GET['email'] != $author->user_email ) return;
// verify key
$key = get_post_meta( $post->ID, '_approve_key', true);
if ( $key != md5( $author->user_email . $post->ID ) ) return;
// ok, update status
$post_data = array('ID' => $post->ID, 'post_status' => 'publish');
$update = wp_update_post($post_data);
// update failed...
if ( ! $update ) return;
// delete verify key
delete_post_meta($post->ID, '_approve_key');
// work finished, view the post
wp_redirect("" . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . "");
exit();
} return $notify;
}
I'm stuck. I am doing a redirection from the approve post function to the link that establishes the password. This works, but it does not take the user. that is, open the page of reset password but I see the error that the user was not designated.
am I calling the variable wrong? Thanks in advance.
add_action('init', 'approve_post', 10, 2 );
add_action('edit_user_created_user', 'approve_post', 10, 2 );
function approve_post($user, $notify) {
if ( isset($_GET['approve']) && isset($_GET['email']) ) {
// have we all variable needed?
if ( empty($_GET['approve']) || ! filter_var($_GET['email'], FILTER_VALIDATE_EMAIL) ) return;
// get post
$post = get_post($_GET['approve']);
// this post has an author?
if ( ! isset($post->post_author) ) return;
// is the post already published?
if ( $post->post_status == 'publish' ) {
wp_redirect("" . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . "");
exit();
} elseif ( $post->post_status != 'pending' ) { // was the post deleted by admin?
return;
}
// get the author
$author = new WP_User($post->post_author);
// check author variable
if ( ! isset($author->user_email) ) return;
// verify email
if ( $_GET['email'] != $author->user_email ) return;
// verify key
$key = get_post_meta( $post->ID, '_approve_key', true);
if ( $key != md5( $author->user_email . $post->ID ) ) return;
// ok, update status
$post_data = array('ID' => $post->ID, 'post_status' => 'publish');
$update = wp_update_post($post_data);
// update failed...
if ( ! $update ) return;
// delete verify key
delete_post_meta($post->ID, '_approve_key');
// work finished, view the post
wp_redirect("" . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . "");
exit();
} return $notify;
}
(Revised answer)
The problem with your code is that the password reset link/URL is missing the proper password reset key and user login slug — the $key (password reset key) and $user_login (user login slug) as you can see below, are both missing (i.e. not defined anywhere in your code):
network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login')
So to fix the problem:
Replace this:
if ( $post->post_status == 'publish' ) {
wp_redirect("" . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . "");
exit();
}
with this:
if ( $post->post_status == 'publish' ) {
if ( ! $user = get_user_by( 'email', $_GET['email'] ) ) return;
$key = get_password_reset_key( $user );
wp_redirect("" . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user->user_login), 'login') . "");
exit();
}
Replace this:
// work finished, view the post
wp_redirect("" . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . "");
with this:
// work finished, view the post
$key = get_password_reset_key( $author );
wp_redirect("" . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($author->user_login), 'login') . "");
And note that the init hook doesn't pass any parameters to the callback function (which in your case is approve_post()), so your code should be just:
add_action( 'init', 'approve_post' );
So the approve_post() function should be defined without any parameters:
function approve_post() // like this
function approve_post($user, $notify) // not this
And hooking to the init action only is enough; so this is not necessary:
add_action('edit_user_created_user', 'approve_post', 10, 2 );
This is also not necessary — at the end of the function (before the closing }), you don't need to return anything:
return $notify; // just remove this