Reset Password Bug: Patch and Fixed Files

After my last post on how to reset your WordPress password manually, people have asked for the patch and the changed files for the bug in 2.5.1. I’ve grabbed these files straight from Trac, so they should work (hopefully ;) ).

Most users will want the changed files zip. To use this, extract the archive into your wordpress directory and upload wp-login.php and pluggable.php.

For users who wish to use the patch, I’ll assume you know how to do that ;-)

Edit: If this appears not to work, Doug has kindly worked out why and notes how to fix that. Thanks Doug!

Post a comment | Trackback URI

Comments (18)

  1. Gigi wrote::

    This patch does not work for me.. what sould I do?

    Sunday, May 4, 2008 at 6:24 pm #
  2. Ryan McCue wrote::

    @Gigi: What do you mean by it “doesn’t work”?

    Sunday, May 4, 2008 at 9:50 pm #
  3. Stuart Robertson wrote::

    I’m not having any luck with it either. It’s giving me the same key (including a ^) as it was before I uploaded the changed files, if that’s helpful.

    Saturday, May 10, 2008 at 12:20 am #
  4. Ryan McCue wrote::

    Well, the patch is taken from the core WordPress patch, it *should* work.

    Are you sure you’ve uploaded them correctly?

    Saturday, May 10, 2008 at 12:35 pm #
  5. jay wrote::

    I’ve uploaded the files, and they do not work for me either. I’m pretty confident that I did it right.

    Sunday, June 1, 2008 at 4:42 pm #
  6. jay wrote::

    Well, I tried your manual reset the MySQL way, and that worked like a charm. Thanks a bunch!

    Sunday, June 1, 2008 at 5:06 pm #
  7. Ryan McCue wrote::

    Hmm, well, that’s a plus :P

    Sunday, June 1, 2008 at 10:25 pm #
  8. Antti-Juhani Kaijanaho wrote::

    The patch did not fix the problem for me either. Are you sure the patch contains the whole fix?

    Monday, June 23, 2008 at 5:54 pm #
  9. Antti-Juhani Kaijanaho wrote::

    Indeed, I see additional patches are required, looking at the Trac ticket.

    Monday, June 23, 2008 at 5:56 pm #
  10. Doug wrote::

    It appears that if the wp_users table already contains an activation key, it is not cleared before a new one is generated after installing the patch; thus, the patch appears to not work. In fact, it does.

    After installing the patch:
    For my account, the link in the reset email still contained an allegedly invalid key. When I had a colleague try, the activation key was indeed 20 characters and her email link did contain a valid key.

    Next step is to remove my activation key from the wp_users table and try the password reset again.

    Thanks for making the solution available!

    Doug

    Thursday, June 26, 2008 at 2:18 am #
  11. Ryan McCue wrote::

    Thanks Doug! I’ve added a link to your comment from the main post, which might help everyone this isn’t working for.

    Thursday, June 26, 2008 at 11:26 pm #
  12. P.S. wrote::

    How/Where do I access and edit that wp-user table through the files?

    Friday, July 4, 2008 at 3:47 pm #
  13. Ryan McCue wrote::

    P.S. : You’ll need to use phpMyAdmin or something like it, as it is in your database.

    Saturday, July 5, 2008 at 6:09 pm #
  14. whyameye wrote::

    no, the patch doesn’t work, even with this tip. I used phpMyAdmin, removed the activation key in the database, requested a new key, and the new key doesn’t work either. Every time a request a new key now it is a different set of characters.

    Saturday, August 2, 2008 at 3:31 pm #
  15. whyameye wrote::

    Oops. I had deleted the activation_key field by mistake. When I recreated it worked.

    Saturday, August 2, 2008 at 3:50 pm #
  16. Matthew wrote::

    Thank you SO much! This worked perfectly!

    Tuesday, November 11, 2008 at 12:55 am #
  17. sunday wrote::

    Thanks to you all. The post here have help solve the issue of password retrival

    Tuesday, November 18, 2008 at 5:30 am #
  18. Chris wrote::

    Thanks guys. This worked like a charm.

    Wednesday, December 31, 2008 at 12:35 am #

Trackbacks/Pingbacks (28)

  1. Weblog Tools Collection » Blog Archive » Reset WP Password Manually on Sunday, April 27, 2008 at 3:57 pm

    [...] Ryan has included the files which contain the patch that you can download here (No Ratings Yet)  Loading … Sphere: Related Content [...]

  2. WordPress 2.5.1: How to reset password manually » D' Technology Weblog: Technology, Blogging, Tips, Tricks, Computer, Hardware, Software, Tutorials, Internet, Web, Gadgets, Fashion, LifeStyle, Entertainment, News and more by Deepak Gupta. on Sunday, April 27, 2008 at 4:54 pm

    [...] If you’re not comfortable with PhpMyAdmin or you don’t to do it manually, as an alternate, you can download files which contain the patch, here. [...]

  3. » WP 2.5.1 e il reset della password » WordPress Italy on Sunday, April 27, 2008 at 5:39 pm

    [...] con iscrizioni aperte può invece scaricare il file di correzione resi disponibili sempra da Ryan qui. Nessun tag per questo [...]

  4. Disponibile WordPress 2.5.1 « Zanblog.it di Giorgio Zanetti on Sunday, April 27, 2008 at 7:32 pm

    [...] chi non volesse attendere la 2.5.2, è possibile scaricare i singoli file da sostituire andando sul blog di Ryan McCue e cliccando su Grab the changed files (zip) tags: open-source, Software, WordPresscategorie: [...]

  5. Ripristinare la WP Password on Sunday, April 27, 2008 at 9:19 pm

    [...] della release 2.5.2, é possibile già da ora scaricare i due file sostitutivi (Reset Password Bug: Patch and Fixed Files) contenenti la patch di [...]

  6. Soluciona el bug de WordPress 2.5.1 | Bitperbit on Monday, April 28, 2008 at 9:53 am

    [...] Solucionar el bug de las contraseñas [2.5.1] [...]

  7. La actualizaciòn Wordpress 2.5.1, con un serio error… « Cultura Informàtica on Monday, April 28, 2008 at 11:52 am

    [...] Por supuesto, puedes cambiarla diretamente en MySQl, pero si no puedes esperar, aquí tienes los dos ficheros que resuelven el [...]

  8. Bug serio en Wordpress 2.5.1 | aNieto2K on Monday, April 28, 2008 at 4:28 pm

    [...] La solución es bastante simple, Ryan McCue propone modificar 2 ficheros: [...]

  9. Noticias de Bitacoras.com » Bug en WordPress 2.5.1 on Monday, April 28, 2008 at 7:17 pm

    [...] La nueva versión de WordPress ha salido hace nada y ya han han encontrado un bug, lo he visto en aNieto2K, como es habitual Hector avisa de la detección de un bug grave en Wordpress 2.5.1. Al parecer, el link enviado por email con la contraseña generada que Wordpress nos devuelve al resetear la contraseña no funciona imposibilitando acceder al blog despues de hacerlo. La solución es bastante simple, Ryan McCue propone modificar 2 ficheros [...]

  10. Bug grave en WordPress 2.5.1 | Pere MAJORAL on Monday, April 28, 2008 at 10:19 pm

    [...] solución pasa por actualizar a la versión 2.5.1 (si no lo hubieras hecho ya) y descargarte los ficheros [...]

  11. Mucho cuidado con WordPress 2.5.1 « Helektron.com on Monday, April 28, 2008 at 10:55 pm

    [...] solución pasa por actualizar a la versión 2.5.1 (si no lo hubieras hecho ya) y descargarte los ficheros [...]

  12. GraceViera.com » Blog Archive » Wordpress 2.5puntoUno on Tuesday, April 29, 2008 at 5:36 am

    [...] actualié el blog. Tan sólo me tomo dos horas y unos minutos para subir unos parches que necesita, pues ya tiene un bug que te manda a tu mail un link que no sirve si se te olvida la [...]

  13. Wordpress 2.5.1 da problemas | Pichicola.com on Tuesday, April 29, 2008 at 9:14 am

    [...] Por supuesto, puedes cambiarla diretamente en MySQl, pero si no puedes esperar, aquí tienes los dos ficheros que resuelven el [...]

  14. MicroZulo » Blog Archive Wordpress 2.5.1 viene con bug » on Tuesday, April 29, 2008 at 9:51 am

    [...] no funciona imposibilitando acceder al blog después de hacerlo. La solución es bastante simple, Ryan McCue propone modificar 2 ficheros. Realizar un Comentario RSS de Comentarios Artículo anterior a este: XP podría [...]

  15. Bug Grave en WordPress 2.5.1 | La Comunidad DragonJAR on Tuesday, April 29, 2008 at 10:36 am

    [...] solución es bastante simple y Ryan McCue nos la enseña en su blog, solo hay que modificar estos 2 [...]

  16. Bug Grave en WordPress 2.5.1 | La Comunidad DragonJAR on Tuesday, April 29, 2008 at 10:36 am

    [...] solución es bastante simple y Ryan McCue nos la enseña en su blog, solo hay que modificar estos 2 [...]

  17. Peligroso Bug para Wordpress 2.5.1 « blog NeTTinG on Tuesday, April 29, 2008 at 9:53 pm

    [...] solución pasa por actualizar a la versión 2.5.1 (si no lo hubieras hecho ya) y descargarte los ficheros [...]

  18. WordPress 2.5.1 disponible…con todo y bug!| Life of a Webmaster| Rafael Villavizar on Wednesday, April 30, 2008 at 1:13 am

    [...] La solución (temporal) es bastante simple: Ryan MacCue explica la solución con solo editar dos archivos. [...]

  19. How to reset password in Wordpress | all-tutorials.info on Thursday, May 1, 2008 at 1:03 am

    [...] Ryan McCue’s tutorilal if you want to reset your password with PhpmyAdmin, or download his patched [...]

  20. WordPress 2.5.1 + more fixes [builder2] on Thursday, May 1, 2008 at 9:50 pm

    [...] the password recovery links wouldn’t work as designed. The patched files can be downloaded from the user who discovered the problem, and used on your site, replacing the 2.5.1 [...]

  21. Il mondo di Paolettopn » Wordpress, problemi a resettare la propria password? Ecco la patch. on Saturday, May 3, 2008 at 8:10 am

    [...] Beh, poco male; Ryan ha già sistemato il problema sviluppando la seguente patch, scaricabile nel suo blog, a questo link. [...]

  22. SMV.es » Solucionar el bug de WordPress 2.5.1 on Saturday, May 3, 2008 at 10:38 pm

    [...] Solucionar el bug de las contraseñas [2.5.1] [...]

  23. The WordPress Podcast » Episode 41: WordPress 2.5.1 released, Webware 100 on Monday, May 19, 2008 at 1:03 pm

    [...] WordPress 2.5.1 was released April 25th, and includes a significant security fix, so you should update as soon as possible if you haven’t done so already. This version does break the reset password feature, however. (Thanks to Ryan McCue for providing a patch file.) [...]

  24. JERSEY-BARKER » Blog Archive » WordPress Podcast: Episode 41: WordPress 2.5.1 released, Webware 100 on Monday, May 19, 2008 at 2:35 pm

    [...] WordPress 2.5.1 was released April 25th, and includes a significant security fix, so you should update as soon as possible if you haven’t done so already. This version does break the reset password feature, however. (Thanks to Ryan McCue for providing a patch file.) [...]

  25. SeventyEight » Blog Archive » Glömt password on Tuesday, June 3, 2008 at 9:29 pm

    [...] hittade en patch till wordpress som sägs funka, men inte då. Vem vet, den kanske funkar för er. Här hittar du den. Jag fick i alla fall gå in i Sql databasen och manuellt ändra lösenordet vilket inte va så [...]

  26. How To Fix WordPress 2.5.1 "Invalid Activation Key" Bug (Occurs When Resetting Password) | George Appiah's Tech Support Help Desk on Monday, July 7, 2008 at 1:50 am

    [...] over to Ryan McCue’s Blog, grab his patched files (zipped file containing two files: wp-login.php and [...]

  27. Bug en WordPress 2.5.1 | La Comunidad DragonJAR on Wednesday, August 13, 2008 at 8:49 am

    [...] solución es bastante simple y Ryan McCue nos la enseña en su blog, solo hay que modificar estos 2 [...]

  28. Episode 41: WordPress 2.5.1 released, Webware 100 « The WordPress Community on Saturday, November 8, 2008 at 5:26 am

    [...] WordPress 2.5.1 was released April 25th, and includes a significant security fix, so you should update as soon as possible if you haven’t done so already. This version does break the reset password feature, however. (Thanks to Ryan McCue for providing a patch file.) [...]