Verify password before changing it in Edit Profile area

This thread is resolved. Here is a description of the problem and solution.

Problem: I would like to verify a User's password before allowing them to modify it with a Form on the front-end of the site.

Solution: There's nothing built-in to Toolset that will help you re-validate a password before changing it with Forms, but you could use a generic field and some custom validation code to verify the submission before the modification.

Relevant Documentation:
https://toolset.com/documentation/user-guides/inserting-generic-fields-into-forms/
https://toolset.com/documentation/programmer-reference/cred-api/#cred_form_validate
https://codex.wordpress.org/Function_Reference/wp_check_password

This support ticket is created 5 years, 9 months ago. There's a good chance that you are reading advice that it now obsolete.

This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.

Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.

Sun	Mon	Tue	Wed	Thu	Fri	Sat
8:00 – 12:00	8:00 – 12:00	8:00 – 12:00	8:00 – 12:00	8:00 – 12:00	-	-
13:00 – 17:00	13:00 – 17:00	13:00 – 17:00	13:00 – 17:00	13:00 – 17:00	-	-

Supporter timezone: America/New_York (GMT-04:00)

Tagged: Toolset Forms

This topic contains 2 replies, has 2 voices.

Last updated by cortJ 5 years, 9 months ago.

Assisted by: Christian Cox.

Author

Posts

January 26, 2019 at 3:10 pm #1191496

cortJ

Tell us what you are trying to do?

I'm building a my account page where the user can edit their profile details, namely password, email, first name and last name. The password gets changed when the two passwords in the textboxes are the same and I click on submit. However, before changing the password I want to re-verify the password. In the past few years this has become standard practice across most accounts on the web.

Is there any documentation that you are following?

Yes, https://toolset.com/documentation/user-guides/using-editing-forms-to-edit-your-profile/

Is there a similar example that we can see?
It's a standard feature across most . Passwords are verified before changing sensitive details for an account.

January 27, 2019 at 9:53 pm #1191681

Christian Cox

Hi, there's not a built-in password re-validation system like this in WordPress account management or Toolset User Forms, but you could use a generic "password" field in the Form and validate that input against the current User's current password with the Forms API and some custom code:
https://toolset.com/documentation/user-guides/inserting-generic-fields-into-forms/
https://toolset.com/documentation/programmer-reference/cred-api/#cred_form_validate
https://codex.wordpress.org/Function_Reference/wp_check_password

If you'd like to see this feature added natively to Toolset, I encourage you to submit a request using our suggestion Form here: https://toolset.com/home/contact-us/suggest-a-new-feature-for-toolset/

January 30, 2019 at 6:40 pm #1193292

cortJ

Thanks. The workaround you have suggested will work for us for now.