Lost password issue

When a use clicks on the Lost Password link and then clicks on the link provided in an email the screen presented has no open field to enter the new password. There is text of “New Password” in the location but there is no open text box to enter a new one in. A use sent this error to me, the admin, and I tried it with my test id and got the same thing. I’ve attached a screen shot of the web page.

Go to the screen you listed above in your screenshot and hit the F12 function key on your computer to get the browser debugger to come up (available on Edge, Chrome, FIrefox browsers…not sure about Safari browser). You will get a screen that looks like the following…take another screenshot and send it to us (click the CSS and INFO tabs off…see following screenshot as example)

Also…you have mixed http/https content on the page. Google in particular does not like that. See if your problem is repeatable on Edge browser, Firefox browser and Chrome browser. If the problem is only on Chrome browser then it is likely to be a mixed http/https content issue. You need all the items on the page to be https. See in my screenshot above there is a little yellow triangle on the lock to the left of the search box. You need to get rid of that.

So…go into S2Member and change the logo you filled into the s2member login logo customisation field to use https:// and not http:// as it is currently configured.

1 Like

In attempting to display the debugger like you requested, the F12 button did not work as suggested. I looked up the commands via google and then did a CNTL + Shift + J which said it would do the same as F12. However, it didn’t provide me with the ability to turn off CSS & INFO tabs…in fact it didn’t even give me access to those tabs. However, it did provide details on the warnings and error messages when I moved to Console. The following is what I found:

Considering that I used a plugin to establish the https capability, how would I modify those pages or calls to those pages to apply the https rather than the http?

Could you please check the following code out. I did a specific element inspect for the location where I thought I would be able to input a new password. It shows the label “New Password” but fails to provide a location where someone can enter the revised password. Shouldn’t the input command provide this?

Hi Earl.

The debugger can also be accessed using CTRL + SHIFT + i

You should not have to touch code.

In your s2member custom user interface configuration change any references to http:// to https:// Your logo is one of those. Also the login page background image in s2member config.

For any missing images check the url in the debug log to determine if the theme or which of the plugins is supposed to be providing that image.

Hi Earl.

This seems caused by something other than s2Member. Maybe the theme or another plugin. s2Member is sending the email with the link to that page, but that page is not managed by s2Member, even if s2 does allow you to customize the wp-login.php pages.

I suggest that you do a plugins/theme conflict test to find what’s behind the problem. https://s2member.com/kb-article/common-troubleshooting-tips/

:slight_smile:

@clavaque - it is possible that the S2Member is sending out the default login background image using http. I took a look in the code but it’s not a static expression so I would need to use the debugger to see what actually gets sent out. It is possible that a website that defaults to http but redirects to https could end up with a http version of the default login background image. As I said above to @EarlS he will need to clear up the mixed http / https first to ensure this is not a browser security artifact.

I have eliminated the http/https errors. That did not resolve the problem. I don’t know how to run a clean test without any plugins. I was advised by my host to deactivate plugins one by one to see if it resolves the issue. Given that I have 28 plugins, that will take some time. Will this be an adequate test?

Is it possible to copy the public-html folder and load that onto a free WP installation for testing, such as Flywheel. I have flywheel loaded to my laptop for training purposes and was wondering if there is a way to transfer the current installation from one host site to another?

First…getting rid of your http references was a good first step. When debugging a system you get rid of any obvious issues first.

The problem you have is specialised in that it impacts the password rest screen. Not many plugins would be likely to do that even if coded badly.

My suggestion to you would be to turn off the security-related plugins first. There would be no impact on your users to do so and that might help you find the culprit quickly.

Regarding copying your site…do a Google search…you will find lots of articles and a number of good quality free plugins to assist.

I’ve been able to narrow it down to a css script under the label “.hide-if-no-js” within the auto generated file of “login.min.css” found within wp-admin. Apparently if it doesn’t detect java script it turns on “display: none” (box checked) and the input field doesn’t show up. If I remove the check from that variable, the field displays correctly.

What I can’t figure out is what is controlling this code. Is it s2member?

As per your latest recommendation, I removed each of the security plugin’s one by one and tested the reset password procedure and nothing resolved the issue.

If you click on the login.min.css in the debugger it should show you where the file is.

Thanks but I already stated that the file login.min.css can be found in the wp-admin directory. I did what you suggested and all it did was display the whole file, which I already did using an editor. Any other suggestions?

It’s time to raise an error with WordPress.org. The only way Javascript would not be enabled is if it is purposefully disabled in the browser. Additionally, WordPress should not be hiding the input ever.