wp_password_change_notification( WP_User $user )
Notifies the blog admin of a user changing password, normally via email.
Contents
Parameters
-
$user
WP_User Required -
User object.
More Information
- This function is normally called when a user resets a lost password, not if the password is changed on their profile page.
- This function can be replaced via plugins. If plugins do not redefine these functions, then this will be used instead.
Source
File: wp-includes/pluggable.php
.
View all references
function wp_password_change_notification( $user ) {
/*
* Send a copy of password change notification to the admin,
* but check to see if it's the admin whose password we're changing, and skip this.
*/
if ( 0 !== strcasecmp( $user->user_email, get_option( 'admin_email' ) ) ) {
/* translators: %s: User name. */
$message = sprintf( __( 'Password changed for user: %s' ), $user->user_login ) . "\r\n";
/*
* The blogname option is escaped with esc_html() on the way into the database in sanitize_option().
* We want to reverse this for the plain text arena of emails.
*/
$blogname = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES );
$wp_password_change_notification_email = array(
'to' => get_option( 'admin_email' ),
/* translators: Password change notification email subject. %s: Site title. */
'subject' => __( '[%s] Password Changed' ),
'message' => $message,
'headers' => '',
);
/**
* Filters the contents of the password change notification email sent to the site admin.
*
* @since 4.9.0
*
* @param array $wp_password_change_notification_email {
* Used to build wp_mail().
*
* @type string $to The intended recipient - site admin email address.
* @type string $subject The subject of the email.
* @type string $message The body of the email.
* @type string $headers The headers of the email.
* }
* @param WP_User $user User object for user whose password was changed.
* @param string $blogname The site title.
*/
$wp_password_change_notification_email = apply_filters( 'wp_password_change_notification_email', $wp_password_change_notification_email, $user, $blogname );
wp_mail(
$wp_password_change_notification_email['to'],
wp_specialchars_decode( sprintf( $wp_password_change_notification_email['subject'], $blogname ) ),
$wp_password_change_notification_email['message'],
$wp_password_change_notification_email['headers']
);
}
}
Hooks
-
apply_filters( 'wp_password_change_notification_email',
array $wp_password_change_notification_email ,WP_User $user ,string $blogname ) -
Filters the contents of the password change notification email sent to the site admin.
Changelog
Version | Description |
---|---|
2.7.0 | Introduced. |
User Contributed Notes
You must log in before being able to contribute a note or feedback.
The function is hooked to the
'after_password_reset'
action, so I think a simpler way to disable it would be just:Top ↑
Feedback
Note: Removing this action affects mainly the native core email sent when changing the password, but it won’t prevent other implementations of the function, such as the one used by WooCommerce. — By Creative Andrew —
Alternative method to prevent these emails being sent, put the following code in your functions.php file of your theme or plugin:
(I found rsm0128’s suggestion did not work for me in WordPress 6.0)
By default, WordPress sends a notification to the blog admin whenever a user changed the password.
To disable this just add below code to your theme or plugin.
Top ↑
Feedback
Sorry – Nope, this does not work and there are no plugins or themes in my site that define the function but the
function_exists(...
returns true so WordPress must already define this function before the functions.php of a theme is called. — By FixItDik —Adding this to your theme won’t work, since pluggable functions are defined earlier, right after the
plugins_loaded
action, occurs beforesetup_theme
. — By Timothy Couckuyt —