users – Custom Password Reset


I am building a function that should send the user an email with a password-reset-link in it (I am just using it after registration because I don’t want my user to set his password while registrating).

I tried the following code in a wordpress template, where it worked just fine. The mail got sent successfully. Today I rewrote other parts of the user system and put it into a plugin. The Registration works completely fine on its own (data gets saved into the database and so on) but the email does not get sent anymore and I can’t figure out why. ($user_login should be an email adress)

 private function custom_set_user_password($user_login){
    global $wpdb, $wp_hasher;

    $user_login = sanitize_text_field($user_login);
    if (empty($user_login) ) {
        return false;
    } else if (strpos( $user_login, '@' )) {
        $user_data = get_user_by('email', trim($user_login));
        if ( empty( $user_data ) )
        return false;
    } else {
        $login = trim($user_login);
        $user_data = get_user_by('login', $login);


    if (!$user_data) {
        return false;

    $user_login = $user_data->user_login;
    $user_email = $user_data->user_email;

    do_action('retrieve_password', $user_login);

    $allow = apply_filters('allow_password_reset', true, $user_data->ID);

    if (!$allow){
        return false;
    else if (is_wp_error($allow)) {
        return false;
    $key = wp_generate_password( 20, false );
    do_action( 'retrieve_password_key', $user_login, $key );

    if (empty($wp_hasher)) {
        require_once ABSPATH . 'wp-includes/class-phpass.php';
        $wp_hasher = new PasswordHash(12, true );
    $hashed = time() . ':' . $wp_hasher->HashPassword($key);
    $wpdb->update($wpdb->users, array( 'user_activation_key' => $hashed ), array('user_login' => $user_login) );

    $message = "example";
    $message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'https') . ">rn";

    $site_name="Set your Password"; 

    $title = sprintf('[%s] Set Password', $site_name);
    $title = apply_filters('retrieve_password_title', $title);
    $message = apply_filters('retrieve_password_message', $message, $key);

    $sent = wp_mail($user_email, $title, $message);

    if (!$sent) {
        return false;
    } else {
        return true;

Do I have to configure something differently when using it in a plugin or have i overlooked something in my code?

Side question: wp_mail() is using SMTP to send mails right? If yes, where exactly are the configurations for it?

Btw: I am coding on a localhost, I uploaded my files to a deployment-server and tested it that way.

in progress 0
HubertIsCool 4 months 2021-06-22T08:55:47-05:00 0 Answer 0 views 0

Answer ( 1 )


    If you do not set SMTP details then it will just use the servers provided mail routine (usually sendmail), which your host provides.

Leave an answer