I am trying to: create a user with a CRED user form
I visited this URL: hidden link
then hidden link
I expected to see: a successful login
Instead, I got: a failed login with an incorrect password message even though I saved the username and password and know they were correct (I've tried this multiple times with more than one user account).
If I use WordPress admin to generate a new password for the user, it works fine.
If I use the CRED API and set the user_pass with the user_pass from the form, it also works fine expect that generates a changed password email to the user that I don't want sent so it is not an acceptable workaround.
Why might the user form not be able to set the password the user entered correctly?
Here is the password section of my CRED user form:
<div class="cred-field cred-field-password">
<label class="cred-label">
Password (please use at last 8 characters with at least 1 capital letter and at least 1 number)
</label>
[cred_field field='user_pass' post='user' value='' urlparam='']
<label class="cred-label">
Repeat password
</label>
[cred_field field='user_pass2' post='user' value='' urlparam='']
</div>
No custom code. I tried updating the password in the cred_save filter (worked but sent the unwanted password change email to the user) but I have removed that code and the problem persists.
No other plugins related to user creation or password. I removed Wordfence in case its password policies were a problem.
I have the same site on my laptop / localhost and online at demos.trailwebsites.com/gx
The problem happens on both but that isn't a huge surprise since the online is a copy of the local with the URLs updated.
I have done some debugging by inserting the password into an error message with the cred validation filter just to make sure the password entered is the password making that far into the process. It matches at that point in the process. Because the password is hashed before being saved, I can't easily verify that it is correct further into the process but my next step is to create a user manually with the same password and compare the hashes to look for more clues.
Shane, I created a new form and manually inserted the fields I needed, gave them very basic labels, added a submit button and it worked.
The difference is the form with the problem was generated with the CRED auto generate userform button and this one was totally manual.
Is it possible the auto generate sets the form to generate user passwords and there is no way to turn that off even if there are manual password fields added to the form when it is edited after being generated? I don't see any place to turn off password generation if the auto generate password button was checked when the form was first auto generated. I
suspect
(but don't know for sure) that is what caused my problem.
I've fixed my problem by creating a new form manually but you may want to flag this either a bug or an enhancement request. It would be very useful to be able to change an auto generate setting for nickname, password, username, etc. without having to delete the whole form and start over again.
This ticket is now closed. If you're a Toolset client and need related help, please open a new support ticket.