#23488 closed defect (bug) (duplicate)
WordPress incorrectly escapes passwords when emailing to new users
Reported by: | bklang | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 2.8 |
Component: | Users | Keywords: | |
Focuses: | Cc: |
Description
I created a new user account today whose password contained a single-quote ( ' ). When the new user received the password it was escaped with a backslash ( \' ). This caused him to be unable to log in, not knowing he should remove the backslash.
Passwords sent to users should not be escaped.
Change History (6)
#1
@
12 years ago
- Component changed from General to Users
- Milestone changed from Awaiting Review to 3.6
- Resolution set to fixed
- Status changed from new to closed
- Version changed from 3.5.1 to 2.8
#4
@
12 years ago
- Resolution fixed deleted
- Status changed from closed to reopened
Let's leave this open as [23416] isn't quite settled yet.
Note: See
TracTickets for help on using
tickets.
Reproduced in 3.5.1. Also reproduced in 2.8, where "Send this password..." checkbox was added ([11319]), using
'123'
(including quotes) as a password.Could not reproduce in current trunk, appears to be fixed in [23416].