Password Reset email returns invalid account address
|Reported by:||raamdev||Owned by:||nacin|
The retrieve_password() function in wp-login.php calls network_site_url() (see source:/trunk/wp-login.php#L211), which on a non-multisite network calls site_url(), which then returns the 'WordPress Address'.
However, that doesn't make sense when the 'WordPress Address' and 'Site Address' are different.
People receiving Password Reset emails shouldn't be seeing the 'WordPress Address', they should be seing 'Site Address'. When these fields are different, the 'WordPress Address' URL doesn't even point anywhere useful to the user.
FYI, I do have FORCE_SSL_ADMIN enabled. My 'WordPress Address' is set to https://raamdev.com/wordpress while my 'Site Address' is set to http://raamdev.com. Password reset emails contain the former address.
Change History (9)
- Owner set to nacin
- Resolution set to fixed
- Status changed from new to closed