extraneous check in wp_login()
|Reported by:||skippy||Owned by:||skippy|
|($login->user_login == $username && $login->user_pass == md5($password)) )|
$username will _always_ match $login->user_login, because $username was used to fetch the data from the database.
Change History (9)
- Keywords bg|has-patch bg|2nd-opinion added
- Owner changed from anonymous to skippy
- Priority changed from normal to low
- Status changed from new to assigned
Note: See TracTickets for help on using tickets.