Create password reset key only once. Props tellyworth. fixes #5990
git-svn-id: http://svn.automattic.com/wordpress/trunk@7015 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
8137e045da
commit
feb2950b2d
11
wp-login.php
11
wp-login.php
|
@ -87,10 +87,13 @@ function retrieve_password() {
|
||||||
do_action('retreive_password', $user_login); // Misspelled and deprecated
|
do_action('retreive_password', $user_login); // Misspelled and deprecated
|
||||||
do_action('retrieve_password', $user_login);
|
do_action('retrieve_password', $user_login);
|
||||||
|
|
||||||
// Generate something random for a key...
|
$key = $wpdb->get_var("SELECT user_activation_key FROM $wpdb->users WHERE user_login = '$user_login'");
|
||||||
$key = wp_generate_password();
|
if ( empty($key) ) {
|
||||||
// Now insert the new md5 key into the db
|
// Generate something random for a key...
|
||||||
$wpdb->query("UPDATE $wpdb->users SET user_activation_key = '$key' WHERE user_login = '$user_login'");
|
$key = wp_generate_password();
|
||||||
|
// Now insert the new md5 key into the db
|
||||||
|
$wpdb->query("UPDATE $wpdb->users SET user_activation_key = '$key' WHERE user_login = '$user_login'");
|
||||||
|
}
|
||||||
$message = __('Someone has asked to reset the password for the following site and username.') . "\r\n\r\n";
|
$message = __('Someone has asked to reset the password for the following site and username.') . "\r\n\r\n";
|
||||||
$message .= get_option('siteurl') . "\r\n\r\n";
|
$message .= get_option('siteurl') . "\r\n\r\n";
|
||||||
$message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
|
$message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
|
||||||
|
|
Loading…
Reference in New Issue