I noticed in Bricks 1.9.4 that the password reset functionality is correctly triggering the retrieve_password_notification_email
hook, which sends the default mail to change the password.
However, after successfully changing the mail the password_change_email
as well as the wp_password_change_notification_email
is not triggered. I think this is not a good practice, since the forms hooking into native functionality should trigger default functionality.
In detail: the form directly sets the password using the wp_set_password
. This function is basically only used in reset_password
(reset_password() – Function | Developer.WordPress.org). This function does nothing more than wp_set_password
but updating some user meta and triggering the after_password_reset
hook which finally triggers the mentioned wp_password_change_notification_email
hook leading to sending the admin notice.
The only thing I would like to request which I consider a bug is changing line 43 in reset-password.php of the form action to use reset_password()