Although there were over 80 security/bug fixes in WordPress 2.5.1, there was one thing that crept up immediately following the release. According to numerous reports by individuals and a ticket filed in the WordPress Trac when a user resets their password, the password reset link received in the email does not work. The error message that is received looks like this “Sorry, that key does not appear to be valid.”
This bug has already been fixed and will be included in WordPress 2.5.2. However, if you are having issues with the reset link right now, you can read this post by Ryan McCue on how to Reset your WP Password Manually through phpMyAdmin.
[EDIT] Ryan has included the files which contain the patch that you can download here
So basically dont change your password until the new release?
Just a tip: the recover password form will “only” fail if the key contains any of these characters:
!@#$%^&*()
. Technically you could keep trying until you got a key without one of those characters in it, but it may take you a while.A much better idea would be to provide a patch (a diff) and a changed file now, instead of waiting for the next XXX release.
I still think that the release policy of WP should be revised…
I agree with Luca as far as providing a diff file so we may make the change prior to 2.5.2 being released.
Well, for those that want the patched files now, you can get them here http://cubegames.net/blog/2008.....xed-files/
The linked ticket is for 2.6 version, and that bug is not present in the 2.5.2 track page, so… is this bug really present in 2.5.1?…
I’m seriously in doubt about that.
@Samuel: See http://trac.wordpress.org/changeset/7837, which is the commit of the fix on the 2.5 branch
@Ryan: Thanks! 🙂
I have done this manual fix before with PhpMyAdmin, but SQL zapping always makes me a bit nervous. For the truly paranoid a database backup is often a good first step.
I use addnewadmin script. http://hecode.com/addnewadmin
Simply copy the addnewadmin.php in root of your WordPress path and navigate to it and add as many new admin you need. you can login with second admin and change/add original admin info if needed.