Today I was working on the new blog a bit and stumbled upon a limitation common to many free webhosting companies: no smtp and thus a disabled mail() function.
Of course, user registration fails totally without being able to send emails.
So for those who don’t really like editing php code (as they can’t or don’t dare), here are a few solutions to your problems.Note: use these modifications at your own risk, I have tested them very quickly and are implemented these modifications (a variant for security purposes) on this weblog and it works as it should. Always remember to make backup copies of the files you change!
Disable email while registering
- Open the file wp-register.php in the wordpress root.
- Go to line 74.
- Change __('emailed to you') to $password
- This will make the user registration screen show the password on the screen. This is of course in most cases not desired, but in this particular case, it is needed.
Note here that the provided email address is of great importance still, although it is not used for communicational purposes, it is required to retrieve your lost password! See more on this in the next section.
Disable email when forgotten email
This section is quite controversial in the whole “disable email” business. It is possible for anyone who knows your username AND email address to hack into your account. I am still considering turning off the password reset, and just letting users contact the site admin, which is 1000 times safer… But hey, you were warned.
- Open wp-login.php in the wordpress root.
- Go to line 120.
- Put // at the beginning of lines 120 en 121, so that the message “The e-mail was sent successfully to %user’s email address gets muted.
- Make sure the following lines look like this:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<title>WordPress » <?php _e('Lost Password') ?></title>
<meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php bloginfo('charset'); ?>" />
<link rel="stylesheet" href="<?php echo get_settings('siteurl'); ?>/wp-admin/wp-admin.css" type="text/css" />
Please continue <? echo "<a href='" . get_settings('siteurl') . "/wp-login.php?action=resetpass&key=$key" . "'>here</a>" ?> to reset your password.
- Go to line 166, this line contains:
echo '<p>' . sprintf(__('Your new password is in the mail.'), $user_login) . '<br />';.
- Comment this line by putting // in front of it and add the following line:
echo '<p>' . sprintf(__('Your new password is "' . $new_pass . '".'), $user_login) . '<br />';
- This will make the user who wants to reset his/her password be prompted for username and email address. If both are correct they see a page with a link on it. If (and only if) they follow that link, they will have resetted their password and will see the newly assigned password on the next page. They can now login with that password.
The actual email sending process is NOT turned off, as this goes a bit too far for me, well, actually I just don’t wanna mess with that. This suffices.
I hope you can use this. Post a comment if you have questions or found issues.