• LifterLMS
  • Knowledge Base
  • Academy
  • Blog
  • Podcast
  • Contributors

LifterLMS LifterLMS

Code Reference

  • Home
  • Code Reference
Skip to content
Filter by type:
Search
Browse: Home / Code Reference / Classes / LLMS_Controller_Account / LLMS_Controller_Account::lost_password()

LLMS_Controller_Account::lost_password()

Handle form submission of the Lost Password form This is the form that sends a password recovery email with a link to reset the password

Contents

  • Description
    • Return
    • Source
    • Changelog
  • Related
    • Uses
  • User Contributed Notes

Description #Description


Return #Return

(void)


Top ↑

Source #Source

File: includes/forms/controllers/class.llms.controller.account.php

	public function lost_password() {

		// invalid nonce or the form wasn't submitted
		if ( ! llms_verify_nonce( '_lost_password_nonce', 'llms_lost_password', 'POST' ) ) {
			return;
		}

		// verify required field
		if ( empty( $_POST['llms_login'] ) ) {
			return llms_add_notice( __( 'Enter a username or e-mail address.', 'lifterlms' ), 'error' );
		}

		$login = trim( $_POST['llms_login'] );

		// always check email
		$get_by = array( 'email' );
		// add login if username generation is disabled (eg users create their own usernames)
		if ( 'no' === get_option( 'lifterlms_registration_generate_username' ) ) {
			$get_by[] = 'login';
		}

		$user = null;
		// check each field to find the user
		foreach ( $get_by as $field ) {
			$user = get_user_by( $field, $login );
			// if we find a user skip the next check
			if ( $user ) {
				break;
			}
		}

		// if we don't have a user return an error
		if ( ! $user ) {
			return llms_add_notice( __( 'Invalid username or e-mail address.', 'lifterlms' ), 'error' );
		}

		do_action( 'retrieve_password', $user->user_login ); // wp core hook

		// ensure that password resetting is allowed based on core filters & settings
		$allow = apply_filters( 'allow_password_reset', true, $user->ID ); // wp core filter

		if ( ! $allow ) {

			return llms_add_notice( __( 'Password reset is not allowed for this user', 'lifterlms' ), 'error' );

		} elseif ( is_wp_error( $allow ) ) {

			return llms_add_notice( $allow->get_error_message(), 'error' );

		}

		$key = llms_set_user_password_rest_key( $user->ID );

		// setup the email
		$email = LLMS()->mailer()->get_email( 'reset_password', array(
			'key' => $key,
			'user' => $user,
			'login_display' => 'email' === $get_by ? $user->user_email : $user->user_login,
		) );

		// send the email
		if ( $email ) {

			if ( $email->send() ) {
				return llms_add_notice( __( 'Check your e-mail for the confirmation link.', 'lifterlms' ) );
			}
		}

		return llms_add_notice( __( 'Unable to reset password due to an unknown error. Please try again.', 'lifterlms' ), 'error' );

	}

Expand full source code Collapse full source code View on GitHub


Top ↑

Changelog #Changelog

Changelog
Version Description
3.8.0 Introduced.

Top ↑

Related #Related

Top ↑

Uses #Uses

Uses
Uses Description
includes/llms.functions.core.php: llms_verify_nonce()

Verify nonce with additional checks to confirm request method Skips verification if the nonce is not set Useful for checking nonce for various LifterLMS forms which check for the form submission on init actions

includes/functions/llms.functions.notice.php: llms_add_notice()

Stores notice in llms_notices session

includes/functions/llms.functions.person.php: llms_set_user_password_rest_key()

Generate a user password reset key, hash it, and store it in the database

lifterlms.php: LLMS()

Returns the main instance of LLMS


Top ↑

User Contributed Notes #User Contributed Notes

You must log in before being able to contribute a note or feedback.





Permalink:
© 2014 - 2019 LifterLMS · Privacy Policy · Terms and Conditions