
Changeset 29394 for branches/3.9


Timestamp:
08/06/2014 06:36:54 AM (11 years ago)
Author:
nacin
Message:

Don't pass around the password reset key.

Merges [29327] and [29381] to the 3.9 branch.

props mdawaffe.
fixes #29060.

Location:
branches/3.9
Files:
2 edited

  • branches/3.9

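--- a/branches/3.9/src/wp-login.php
+++ b/branches/3.9/src/wp-login.php
@@ -563,8 +563,23 @@
 case 'resetpass' :
 case 'rp' :
-    $user = check_password_reset_key($_GET['key'], $_GET['login']);
-
-    if ( is_wp_error($user) ) {
-        if ( $user->get_error_code() === 'expired_key' )
+    list( $rp_path ) = explode( '?', wp_unslash( $_SERVER['REQUEST_URI'] ) );
+    $rp_cookie = 'wp-resetpass-' . COOKIEHASH;
+    if ( isset( $_GET['key'] ) ) {
+        $value = sprintf( '%s:%s', wp_unslash( $_GET['login'] ), wp_unslash( $_GET['key'] ) );
+        setcookie( $rp_cookie, $value, 0, $rp_path, COOKIE_DOMAIN, is_ssl(), true );
+        wp_safe_redirect( remove_query_arg( array( 'key', 'login' ) ) );
+        exit;
+    }
+
+    if ( isset( $_COOKIE[ $rp_cookie ] ) && 0 < strpos( $_COOKIE[ $rp_cookie ], ':' ) ) {
+        list( $rp_login, $rp_key ) = explode( ':', wp_unslash( $_COOKIE[ $rp_cookie ] ), 2 );
+        $user = check_password_reset_key( $rp_key, $rp_login );
+    } else {
+        $user = false;
+    }
+
+    if ( ! $user || is_wp_error( $user ) ) {
+        setcookie( $rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true );
+        if ( $user && $user->get_error_code() === 'expired_key' )
             wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=expiredkey' ) );
         else
@@ -590,4 +605,5 @@
     if ( ( ! $errors->get_error_code() ) && isset( $_POST['pass1'] ) && !empty( $_POST['pass1'] ) ) {
         reset_password($user, $_POST['pass1']);
+        setcookie( $rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true );
         login_header( __( 'Password Reset' ), '<p class="message reset-pass">' . __( 'Your password has been reset.' ) . ' <a href="' . esc_url( wp_login_url() ) . '">' . __( 'Log in' ) . '</a></p>' );
         login_footer();
@@ -601,6 +617,6 @@
 
 ?>
-<form name="resetpassform" id="resetpassform" action="<?php echo esc_url( site_url( 'wp-login.php?action=resetpass&key=' . urlencode( $_GET['key'] ) . '&login=' . urlencode( $_GET['login'] ), 'login_post' ) ); ?>" method="post" autocomplete="off">
-    <input type="hidden" id="user_login" value="<?php echo esc_attr( $_GET['login'] ); ?>" autocomplete="off" />
+<form name="resetpassform" id="resetpassform" action="<?php echo esc_url( site_url( 'wp-login.php?action=resetpass', 'login_post' ) ); ?>" method="post" autocomplete="off">
+    <input type="hidden" id="user_login" value="<?php echo esc_attr( $rp_login ); ?>" autocomplete="off" />
 
     <p>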
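Review bot: The guard at new line 567 checks only `$_GET['key']`, yet the next line reads `$_GET['login']` unconditionally, so a request carrying `key` without `login` raises an undefined-index notice and still writes a `:key` cookie before redirecting; guarding both, `if ( isset( $_GET['key'], $_GET['login'] ) ) {`, skips the write of a cookie that the `0 < strpos( ... , ':' )` check on line 574 would reject anyway. The `case 'rp'` block continues past the first hunk (the `else` branch after line 585), so it cannot be confirmed here that `$rp_login` is always defined when the form on new line 620 renders; presumably that unseen branch redirects and exits. The `explode( ':', ..., 2 )` on line 575 also assumes the login part never contains a colon, which is worth a short comment such as `// login:key — login is taken up to the first ':'` so the cookie format is documented where it is parsed.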