Make WordPress Core


Ignore:
Timestamp:
10/06/2013 11:28:42 AM (11 years ago)
Author:
nacin
Message:

Hash password reset keys in the database.

All existing, unused password reset keys are now considered "expired" and the user will be told they should try again.

Introduces a password_reset_key_expired filter to allow plugins to introduce a grace period.

fixes #24783.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-login.php

    r25619 r25696  
    203203 */
    204204function retrieve_password() {
    205     global $wpdb, $current_site;
     205    global $wpdb, $current_site, $wp_hasher;
    206206
    207207    $errors = new WP_Error();
     
    242242        return $allow;
    243243
    244     $key = $wpdb->get_var($wpdb->prepare("SELECT user_activation_key FROM $wpdb->users WHERE user_login = %s", $user_login));
    245     if ( empty($key) ) {
    246         // Generate something random for a key...
    247         $key = wp_generate_password(20, false);
    248         do_action('retrieve_password_key', $user_login, $key);
    249         // Now insert the new md5 key into the db
    250         $wpdb->update($wpdb->users, array('user_activation_key' => $key), array('user_login' => $user_login));
    251     }
     244    // Generate something random for a password reset key.
     245    $key = wp_generate_password( 20, false );
     246
     247    /**
     248     * Fires when a password reset key is generated.
     249     *
     250     * @since 2.5.0
     251     *
     252     * @param string $user_login The username for the user.
     253     * @param string $key        The generated password reset key.
     254     */
     255    do_action( 'retrieve_password_key', $user_login, $key );
     256
     257    // Now insert the key, hashed, into the DB.
     258    if ( empty( $wp_hasher ) ) {
     259        require_once ABSPATH . 'wp-includes/class-phpass.php';
     260        $wp_hasher = new PasswordHash( 8, true );
     261    }
     262    $hashed = $wp_hasher->HashPassword( $key );
     263    $wpdb->update( $wpdb->users, array( 'user_activation_key' => $hashed ), array( 'user_login' => $user_login ) );
     264
    252265    $message = __('Someone requested that the password be reset for the following account:') . "\r\n\r\n";
    253266    $message .= network_home_url( '/' ) . "\r\n\r\n";
     
    359372    }
    360373
    361     if ( isset($_GET['error']) && 'invalidkey' == $_GET['error'] ) $errors->add('invalidkey', __('Sorry, that key does not appear to be valid.'));
     374    if ( isset( $_GET['error'] ) ) {
     375        if ( 'invalidkey' == $_GET['error'] )
     376            $errors->add( 'invalidkey', __( 'Sorry, that key does not appear to be valid.' ) );
     377        elseif ( 'expiredkey' == $_GET['error'] )
     378            $errors->add( 'expiredkey', __( 'Sorry, that key has expired. Please try again.' ) );
     379    }
     380
    362381    $redirect_to = apply_filters( 'lostpassword_redirect', !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '' );
    363382
     
    395414
    396415    if ( is_wp_error($user) ) {
    397         wp_redirect( site_url('wp-login.php?action=lostpassword&error=invalidkey') );
     416        if ( $user->get_error_code() === 'expired_key' )
     417            wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=expiredkey' ) );
     418        else
     419            wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=invalidkey' ) );
    398420        exit;
    399421    }
Note: See TracChangeset for help on using the changeset viewer.