Ticket #10714: wp-login-rp-11893.patch
| File wp-login-rp-11893.patch, 487 bytes (added by wet, 5 years ago) |
|---|
| Line | |
|---|---|
| 1 | Index: wp-login.php |
| 2 | =================================================================== |
| 3 | --- wp-login.php (revision 11893) |
| 4 | +++ wp-login.php (working copy) |
| 5 | |
| 6 | @@ -185,9 +185,7 @@ |
| 7 | function reset_password($key, $login) { |
| 8 | global $wpdb; |
| 9 | |
| 10 | - $key = preg_replace('/[^a-z0-9]/i', '', $key); |
| 11 | - |
| 12 | - if ( empty( $key ) || !is_string( $key ) ) |
| 13 | + if ( !preg_match('/[a-zA-Z0-9]{20}/', $key ) ) |
| 14 | return new WP_Error('invalid_key', __('Invalid key')); |
| 15 | |
| 16 | if ( empty($login) || !is_string($login) ) |
