Lost password, invalid key - noticed something
|Reported by:||demonpengu||Owned by:|
I have noticed something about the lost password/email retrieval that may be a bug or may help out with the number of requests this gets.
The link sent with the key and user name is surrounded with < and >
Some email clients are misinterpreting this link and including the > at the end of the user name which in turn kills the database query because the user name does not match.
I have run a couple of tests changing line 235 of wp-login.php to be:
$message .= network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . "\r\n";
$message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . ">\r\n";
This seems to sort the problem out.