Invalidate password keys when a user's email changes.

Merges [30430] to the 3.9 branch. Built from https://develop.svn.wordpress.org/branches/3.9@30432 git-svn-id: http://core.svn.wordpress.org/branches/3.9@30427 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 13:42:16 +00:00 · 2014-11-20 13:42:16 +00:00 · e8ea407eb6
parent c0357c466d
commit e8ea407eb6
1 changed files with 3 additions and 0 deletions
--- a/wp-includes/user.php
+++ b/wp-includes/user.php
@ -1716,6 +1716,9 @@ function wp_insert_user( $userdata ) {
 	$data = wp_unslash( $data );

 	if ( $update ) {
+		if ( $user_email !== $old_user_data->user_email ) {
+			$data['user_activation_key'] = '';
+		}
 		$wpdb->update( $wpdb->users, $data, compact( 'ID' ) );
 		$user_id = (int) $ID;
 	} else {