diff --git src/wp-includes/user.php src/wp-includes/user.php
index 5b9dacc20f..537600800a 100644
|
|
function wp_signon( $credentials = array(), $secure_cookie = '' ) { |
110 | 110 | } |
111 | 111 | |
112 | 112 | wp_set_auth_cookie( $user->ID, $credentials['remember'], $secure_cookie ); |
| 113 | |
| 114 | // Flush `user_activation_key` after successful login. |
| 115 | global $wpdb; |
| 116 | $wpdb->update( |
| 117 | $wpdb->users, |
| 118 | array( 'user_activation_key' => '', ), |
| 119 | array( 'ID' => $user->ID ), |
| 120 | array( '%s' ), |
| 121 | array( '%d' ) |
| 122 | ); |
| 123 | |
| 124 | $user->__set( 'user_activation_key', '' ); |
| 125 | |
113 | 126 | /** |
114 | 127 | * Fires after the user has successfully logged in. |
115 | 128 | * |
diff --git tests/phpunit/tests/auth.php tests/phpunit/tests/auth.php
index facd456dd0..a8685680a1 100644
|
|
class Tests_Auth extends WP_UnitTestCase { |
423 | 423 | $this->assertInstanceOf( 'WP_Error', $check ); |
424 | 424 | } |
425 | 425 | |
| 426 | /** |
| 427 | * Ensure that the user_activation_key is cleared after a successful login. |
| 428 | * |
| 429 | * @ticket 58901 |
| 430 | */ |
| 431 | public function test_user_activation_key_after_successful_login() { |
| 432 | global $wpdb; |
| 433 | |
| 434 | $reset_key = get_password_reset_key( $this->user ); |
| 435 | $user = wp_signon( |
| 436 | array( |
| 437 | 'user_login' => self::USER_LOGIN, |
| 438 | 'user_password' => self::USER_PASS, |
| 439 | ) |
| 440 | ); |
| 441 | $activation_key_from_database = $wpdb->get_var( |
| 442 | $wpdb->prepare( "SELECT user_activation_key FROM $wpdb->users WHERE ID = %d", $this->user->ID ) |
| 443 | ); |
| 444 | |
| 445 | $this->assertNotWPError( $reset_key, 'The password reset key was not created.' ); |
| 446 | $this->assertNotWPError( $user, 'The user was not authenticated.' ); |
| 447 | $this->assertEmpty( $user->user_activation_key, 'The `user_activation_key` was not empty on the user object returned by `wp_signon` function.' ); |
| 448 | $this->assertEmpty( $activation_key_from_database, 'The `user_activation_key` was not empty in the database.' ); |
| 449 | } |
| 450 | |
426 | 451 | /** |
427 | 452 | * Ensure users can log in using both their username and their email address. |
428 | 453 | * |