[Resolved] Customize hint on password form of Toolset

[Author]

Posts

[Dee_DeeA2948]

Hi I'm running into several issues related to the forgot password/reset password process

1. FORGOT PASSWORD PAGE:
On the forgot password page, this is the shortcode that I’m using:
[wpv-forgot-password-form reset_password_url="hidden link"]

Text before submitting email address to reset password:
Did you forget your password?
Please enter your username or email address. You will receive a link to create a new password via email.
Username or Email: (enter username or email here)

Text after submitting email address:
Did you forget your password?
Please enter your username or email address. You will receive a link to create a new password via email.
Check your email for the confirmation link.
Username or Email: (enter username or email here)

***The only text that should remain is “Check your email for the confirmation link.”***

2. TEXT AT THE BOTTOM OF RESET PASSWORD FORM:
Hint: The password should be at least twelve characters long. To make it stronger, use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ & ).

***These password qualifications are not actually required. How can I remove this?***

3. AFTER LOGGING IN WITH MY NEW PASSWORD, IT LOGS ME INTO WORDPRESS (AS A SUBSCRIBER)

On the reset password page, this is the shortcode that I’m using:
[wpv-reset-password-form redirect_url='hidden link'
(I enter a new password & click submit)
This is the redirect link that populates after resetting my password: hidden link

***The problem with this is when I login, it does login me in my website as member, but this ALSO logs me into wordpress. I don’t want my subscribers to see the wordpress settings, dashboard, etc.
Because they’re assigned to the “subscriber” role, they can’t make changes to the site, but this is still an issue.***

Thank you for your help!

New threads created by Beda and linked to this one are listed below:

https://toolset.com/forums/topic/after-logging-in-with-my-new-password-it-logs-me-into-wordpress-as-a-subscriber/

[Beda]

The only text that [wpv-forgot-password-form] outputs is "Username or Email" and an input field, pus a submit button (Generate New Password)
The reset_password_url attribute then is used when the user clicks on the reset password link within the email that was sent, if the request was successful on [wpv-forgot-password-form].
If it fails, the redirect_url_fail is used, if that succeeds, and is set, then redirect_url is used (but this is not the same as reset_password_url which is the one sent in the email).

On none of them I see the strings you mention, unless the expected copies of the WordPress forms ([wpv-forgot-password-form] and it's related is practically a copy of the native WordPress forms.)

In the Reset Password form, I see the labels, the inputs and the hint as you outline
New password
Repeat new password
Hint: The password should be at least twelve characters long. To make it stronger, use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ & ).
This hint is actually WordPress native behaviour, created with the wp_get_password_hint() function of core WordPress code, Toolset just hooks it in to complete the form properly.

You should be able to apply_filters( 'password_hint', $hint );, which means you can create a function "my_custom_hint()", in it return any string (also empty) and then hook that to password_hint

Example:

function my_custom_hint() {
	$string = 'my custom string';
	return $string;
}
add_filter( 'password_hint', 'my_custom_hint', 10, 1 );

This is a function that returns a string.
That function is then added to the password_hint filter, which is applied to WordPress' wp_get_password_hint() core function, hence, you can alter the string with this.

That is BTW how the entire Toolset and plugins/Themes are built on WordPress.
We take existing things, and since WordPress applies those filters we just need to modify them with our own custom functions.
THis might be helpful in future in case you need to alter a similar output. Almost everything in WordPress is "Filterable" - and what's best, many times Toolset uses those core features, so you can still add your custom functionality.

[Dee_DeeA2948]

Thank you, Heda. With your help, I was able to apply_filters( 'password_hint', $hint );
Where I am now:

1. Before I submit my email on the "Forgot Password?" page, the instructions are good. Please reference the image called "Before Submitting Email".

2. After I submit my email on the "Forgot password page", ALL of the instructions remain with an added line about "check your email for the confirmation link". It's really confusing that it still has the OLD instruction and the NEW instruction on the same page. Please reference the image called "After Submitting Email".

3. Once I've reset my password, I see an instruction that says, "Your password has been reset". Please reference the image called "your password has been reset". It's too close the to form and should have a space(gap) between the instruction and the form. Also, I'd like to add a sentence that says, "Please try logging in again."

P.S. Is there a way to add validation to the password? So, if the hint text says: 1 capital letter, 1 special character and 7 characters long. The password reset process actually verifies if the new password qualifies?

Thank you for your help!

[Dee_DeeA2948]

Attachments failed to upload. Trying again.

[Beda]

As I explained, this form is a copy of the WordPress form.
Everything that you can and should modify with custom code when using the WordPress form also will apply to the Toolset form.
The Toolset form only features a few settings for redirects that you can use on the form (for example, on success, or failure)

It however doesn't feature a styling or contents as in warnings customization interface.
This could be requested, of course, you are welcome to send this as an idea for improvement:
https://toolset.com/home/contact-us/suggest-a-new-feature-for-toolset/

To find the filters that WordPress uses, I usually run a text search for example for "check your email for the confirmation link" in WordPress's core code.
I will immediately recognize the apply_filters( 'wp_login_errors', $errors, $redirect_to ); applied to those error or confirmation messages, and hence, can again apply the same logic as perviously mentioned (create a function which is added by add_filter() to the above apply_filter() in the core code)
This then allows me to customize those messages (or apply custom conditions to them).

That's however not part of the Toolset Code - as the login ShortCodes of Toolset accept and (listen to the filters applied to) WordPress Core form's filters.

I suggest, adding a Feature request on the above shared link, asking to let you customize the strings of error messages, success messages or instructions on the login, password and other user management shortcodes that Toolset offers (which now, is only possible when applying custom code).

[Dee_DeeA2948]

Hi Beda. The form displays on the frontend correctly. When I submit my email, I receive the reset password link and the rest functions as expected. I feel like you're missing my concern. Think about like this:

In the toolset documentation, It says:
1. Create the Lost password page (Step 1 in the previous image)
This can be a regular WordPress page that includes the Forgot password form shortcode.
[wpv-forgot-password-form reset_password_url=’hidden link;

**DONE: I've added this shortcode onto my "Lost Password Page". It displays the form perfectly and submits perfectly. When I submit the form, the form still displays with the standardized WordPress instruction "Check your email for the confirmation link". BEAU-TIFUL. That's exactly what I want.

This is the part that doesn't make sense. Please see the image that I've attached (sourced from Toolset document).
It has text added above the shortcode (as I've done as well.) When I submit the form, the text instruction is still there. After submitting the form, the page still has "Did you forget your password? Please enter your username or email..." PLUS the confirmation message that auto populates after completeing the form. PLUS the form. Can you tell me, based on this picture -- How would wordpress automatically know to remove the instruction text on this page and the form after submission? The instruction text is not conditional. Neither is the form.

(What I mean by the instruction text is the text that I manually typed onto the page: "Did you forget your password? Please enter your username or email...")

There is NO rule that says, if the form is submitted, stop displaying the form. What piece am I missing here? (Reference the image from the toolset documentation)

Prior to submitting the page the url is: hidden link
It contains everything I need (text instruction and form)

After submitting the form, the page url changes to: hidden link
It contains everything included before (text instruction and form) plus the auto populated confirmation text.

What it should look like: Before submitting the email address, it must display the manually typed text instruction (to enter email) and form (This is working as expected)
After submitting the manually typed text instruction (to enter email) and form should no longer appear. Only the Auto populated WordPress text should appear "Check your email for the confirmation link.

I sincerely apologize for the lengthy message. I wanted to be clear about where I'm having difficulty. Thank you for your tremendous patience and support.

[Dee_DeeA2948]

My issue is resolved now. Thank you!