Make WordPress Core

Opened 15 years ago

Closed 15 years ago

#11363 closed defect (bug) (duplicate)

Password Email Subject - Special Chars

Reported by: sp1ncycle's profile sp1ncycle Owned by:
Milestone: Priority: high
Severity: normal Version: 2.8.5
Component: Users Keywords:
Focuses: Cc:


The Subject in the email has htmlspecialchars and single quotes showup as this:

File: wp-login.php
Line: 166

$title = sprintf(__('[%s] Password Reset'), get_option('blogname'));


File: wp-login.php
Line: 211

$title = sprintf(__('[%s] Your new password'), get_option('blogname'));

The Fix:

$title = sprintf(__('[%s] Password Reset'), htmlspecialchars_decode(get_option('blogname'), ENT_QUOTES));

$title = sprintf(__('[%s] Your new password'), htmlspecialchars_decode(get_option('blogname'), ENT_QUOTES));

Change History (3)

#1 @Denis-de-Bernardy
15 years ago

  • Component changed from General to Users
  • Milestone changed from 2.9 to 3.0

the charset also needs to be passed, with an @ in front of the function call to avoid warnings on older platforms.

#2 @sp1ncycle
15 years ago

It appears that almost all notifications sent from Wordpress to the admin have the same issue.
Such as "New User Registration" email.

#3 @westi
15 years ago

  • Milestone 3.0 deleted
  • Resolution set to duplicate
  • Status changed from new to closed

This was fixed in 2.9 - #9913.

Closing as a duplicate of that ticket.

Note: See TracTickets for help on using tickets.