Make WordPress Core

Opened 8 years ago

Closed 7 years ago

Last modified 6 years ago

#36131 closed defect (bug) (duplicate)

User can register / relogin when logged in already

Reported by: jashimili's profile jashimili Owned by:
Milestone: Priority: normal
Severity: normal Version: 0.71
Component: Login and Registration Keywords: close
Focuses: Cc:

Description

I don't know how no one didn't noticed this so far, or it's something to my WordPress installation specific.

But when user is already logged in to the website, the same user can again go to wp-login.php page and try to login again, that's not so problematic, until the same user who is logged in try to register again.

So if i login to my website as user1 and go to wp-login.php page again and try to register i can register my self as user2 even if i am logged in already.

Is this a bug or just overlooked thing but for users who are already logged in, we should prevent access to wp-login.php page and functions on that page.

Change History (4)

#1 @knutsp
8 years ago

  • Keywords close added
  • Summary changed from User can register / relogin when loged in already. to User can register / relogin when logged in already
  • Version changed from 4.4.2 to 0.71

When registering is open, anyone can register a new user. There is no need to block this, even if the user is actually logged in to the site. If that makes two usernames for the same person that depends on access to the email account used for the registration. It's ok to register another user whose email you know.

I also don't see the need to log out to able to log in, as the same or another user. Sometimes completely logging out is unsucessful du to a stubborn cookie or other browser problems.

#3 @swissspidy
7 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

Duplicate of #14949.

This ticket was mentioned in Slack in #core by swissspidy. View the logs.


6 years ago

Note: See TracTickets for help on using tickets.