WordPress.org

Make WordPress Core

Ticket #21314: 21314.diff

File 21314.diff, 2.5 KB (added by skithund, 6 years ago)
  • wp-login.php

     
    221221                do_action('retrieve_password_key', $user_login, $key);
    222222                // Now insert the new md5 key into the db
    223223                $wpdb->update($wpdb->users, array('user_activation_key' => $key), array('user_login' => $user_login));
     224                // Schedule key expiration to one week
     225                wp_schedule_single_event(strtotime('+7 days'), 'clear_password_reset_key', array($user_data->ID));
    224226        }
    225227        $message = __('Someone requested that the password be reset for the following account:') . "\r\n\r\n";
    226228        $message .= network_home_url( '/' ) . "\r\n\r\n";
     
    248250}
    249251
    250252/**
     253 * Clear password reset key
     254 *
     255 * @since 3.4.1
     256 * @uses $wpdb WordPress Database object
     257 *
     258 * @param int $user_id User ID
     259 * @return bool|WP_Error True: when finish. WP_Error on error
     260 */
     261function wp_clear_password_reset_key($user_id) {
     262        global $wpdb;
     263
     264        if ( empty($user_id) )
     265                return new WP_Error('invalid_user_id', __('Invalid User ID'));
     266
     267        $user = get_userdata($user_id);
     268
     269        if ( $user === false )
     270                return new WP_Error('invalid_user', __('Invalid user'));
     271
     272        $wpdb->update($wpdb->users, array('user_activation_key' => ''), array('ID' => $user->ID) );
     273
     274        return true;
     275}
     276
     277/**
    251278 * Retrieves a user row based on password reset key and login
    252279 *
    253280 * @uses $wpdb WordPress Database object
  • wp-includes/default-filters.php

     
    213213add_action( 'wp_print_footer_scripts', '_wp_footer_scripts'                 );
    214214add_action( 'init',                'check_theme_switched',            99    );
    215215add_action( 'after_switch_theme',  '_wp_sidebars_changed'                   );
     216add_action( 'clear_password_reset_key', 'wp_clear_password_reset_key'       );
    216217
    217218if ( isset( $_GET['replytocom'] ) )
    218219    add_action( 'wp_head', 'wp_no_robots' );
  • wp-includes/pluggable.php

     
    15641564
    15651565        $hash = wp_hash_password($password);
    15661566        $wpdb->update($wpdb->users, array('user_pass' => $hash, 'user_activation_key' => ''), array('ID' => $user_id) );
     1567        wp_clear_scheduled_hook('clear_password_reset_key', array( $user_id ));
    15671568
    15681569        wp_cache_delete($user_id, 'users');
    15691570}