Edit default Wordpress password reset email

Question

So I first tried using the retrieve_password_message filter, but unfortunately I got no response when entering the email on the site and no email was being sent. (btw I am using the OceanWP Popup Login)

add_filter( 'retrieve_password_message', 'my_retrieve_password_message', 10, 4 );

function my_retrieve_password_message( $message, $key, $user_login, $user_data ) {

    $site_name = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES );
    $message = __( 'Die Passwortzurücksetzung wurde für das folgende Konto beantragt:' ) . "\r\n\r\n";
    /* translators: %s: site name */
    $message .= sprintf( __( 'Name der Website: %s' ), $site_name ) . "\r\n\r\n";
    /* translators: %s: user login */
    $message .= sprintf( __( 'Username: %s' ), $user_login ) . "\r\n\r\n";
    $message .= __( 'Wenn dies ein Fehler war, ignorieren Sie diese E-Mail einfach, und es wird nichts passieren.' ) . "\r\n\r\n";
    $message .= __( 'Um Ihr Passwort zurückzusetzen, besuchen Sie die folgende Adresse:' ) . "\r\n\r\n";
    $message .= '<https://smartinvestor.de/wp-login.php?action=rp&key=' . $key . '&login=' . rawurlencode( $user_login) . ">\r\n";

    return $message;

}

I had a feeling that it had to do with the $user_login. So I then attempted to reconstruct the data from the filter. Now the user gets a response and the email sends (which I was not getting with the above code), but unfortunately there seems to be a problem with the login. $user_login is not working, it is just being returned blank, meaning the password reset url is not working.

If I enter the login manually the url works, confirming it is not to do with the key. My theory is that because the username is not the trimmed email, that it is returning false? How can I get the user_login without getting it from the email.

add_filter('retrieve_password_message', 'my_reset_password_message', null, 2);

function my_reset_password_message( $message, $key ) {

    if ( strpos($_POST['user_login'], '@') ) {
        $user_data = get_user_by('email', trim($_POST['user_login']));
    } else {
        $login = trim($_POST['user_login']);
        $user_data = get_user_by('login', $login);
    }

    $user_login = $user_data->user_login;

    $msg = __('The password for the following account has been requested to be reset:'). "\r\n\r\n";
    $msg .= network_site_url() . "\r\n\r\n";
    $msg .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
    $msg .= __('If this message was sent in error, please ignore this email.') . "\r\n\r\n";
    $msg .= __('To reset your password, visit the following address:');
    $msg .= network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login');


    return $msg;

}

Answer 1

I would suggest to use the user_login provided by the hook it self, try like this.

add_filter("retrieve_password_message", "my_reset_password_message", 99, 4);

function my_reset_password_message($message, $key, $user_login, $user_data )    {

    $message = "The password for the following account has been requested to be reset:

    " . sprintf(__('%s'), $user_data->user_email) . "

    If this was a mistake, just ignore this email and nothing will happen.

    To reset your password, visit the following address:

    " . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . "\r\n";

    return $message;

}

I ckecked the reset mail form you are using on your site. For username/email field u are using "opl_user_or_email" instead of "user_login" hence the user_login field is coming empty, you can either change the form and replace "opl_user_or_email" to "user_login" which I would recommend or you can replace $_POST["user_login"] in your 2nd approach with $_POST["opl_user_or_email"].