Skip to content

Instantly share code, notes, and snippets.

@davidfcarr
Created January 3, 2021 23:05
Show Gist options
  • Save davidfcarr/0d78688bb9bcb14893aaf2918e5f3b8a to your computer and use it in GitHub Desktop.
Save davidfcarr/0d78688bb9bcb14893aaf2918e5f3b8a to your computer and use it in GitHub Desktop.
<?php
/*
Sample code for including the WordPress password reset function, including password strength meter, on a custom admin page
*/
/*include the javascript from the user profile page on your own custom admin page*/
add_action( 'wp_enqueue_scripts', 'password_strength_scripts' );
function password_strength_scripts() {
if( isset($_REQUEST["page"]) && ($_REQUEST["page"] == 'my_admin_wizard')) {
wp_enqueue_script('password-strength-meter');
wp_enqueue_script('user-profile');
}
}
/*
call this to output required markup on your plugin's custom page. Adapted from wordpress core code
*/
function my_plugin_wizard_password() {
global $current_user;
$profileuser = $current_user;
?>
<table class="form-table" role="presentation">
<tr id="password" class="user-pass1-wrap">
<th><label for="pass1"><?php _e( 'New Password' ); ?></label></th>
<td>
<input class="hidden" value=" " /><!-- #24364 workaround -->
<button type="button" class="button wp-generate-pw hide-if-no-js" aria-expanded="false"><?php _e( 'Set New Password' ); ?></button>
<div class="wp-pwd hide-if-js">
<span class="password-input-wrapper">
<input type="password" name="pwd" id="pass1" class="regular-text" value="" autocomplete="off" data-pw="<?php echo esc_attr( wp_generate_password( 24 ) ); ?>" aria-describedby="pass-strength-result" />
</span>
<button type="button" class="button wp-hide-pw hide-if-no-js" data-toggle="0" aria-label="<?php esc_attr_e( 'Hide password' ); ?>">
<span class="dashicons dashicons-hidden" aria-hidden="true"></span>
<span class="text"><?php _e( 'Hide' ); ?></span>
</button>
<button type="button" class="button wp-cancel-pw hide-if-no-js" data-toggle="0" aria-label="<?php esc_attr_e( 'Cancel password change' ); ?>">
<span class="dashicons dashicons-no" aria-hidden="true"></span>
<span class="text"><?php _e( 'Cancel' ); ?></span>
</button>
<div style="display:none" id="pass-strength-result" aria-live="polite"></div>
</div>
</td>
</tr>
<tr class="user-pass2-wrap hide-if-js">
<th scope="row"><label for="pass2"><?php _e( 'Repeat New Password' ); ?></label></th>
<td>
<input name="pass2" type="password" id="pass2" class="regular-text" value="" autocomplete="off" aria-describedby="pass2-desc" />
<p class="description" id="pass2-desc"><?php _e( 'Type the new password again.' ); ?></p>
</td>
</tr>
<tr class="pw-weak">
<th><?php _e( 'Confirm Password' ); ?></th>
<td>
<label>
<input type="checkbox" name="pw_weak" class="pw-checkbox" />
<span id="pw-weak-text-label"><?php _e( 'Confirm use of weak password' ); ?></span>
</label>
</td>
</tr>
</table>
<?php
}
/* Your custom plugin code for handling other settings should implement something like this */
function my_plugin_handle_password_reset() {
if(!empty($_POST['pwd'])) {
global $current_user;
reset_password($current_user,stripslashes($_POST['pwd']));
$weakwarning = (empty($_POST['pw_weak'])) ? '' : '<span style="color:red; font-weight: bold;">Warning: A weak password makes it more likely your site will be hacked.</span>';
echo '<div class="notice notice-success"><p>Password Changed - you must <a href="'.wp_login_url(admin_url('admin.php?page=wp4t_setup_wizard&setup_wizard=2')).'">login again with your new password</a> to continue. '.$weakwarning.'</p></div>';
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment