Context Navigation

← Previous Ticket
Next Ticket →

#41522 new defect (bug)

wp_set_password() doesn't trigger a changed password notification

Reported by:	henry.wright	Owned by:
Milestone:	Awaiting Review	Priority:	normal
Severity:	normal	Version:
Component:	Users	Keywords:	dev-feedback has-patch
Focuses:		Cc:

Description

If wp_update_user() is used to update a user's password, a notification is sent to the user telling them their password has changed.

However, the same doesn't happen if wp_set_password() is used to update a user's password.

Attachments (1)

41522.diff (687 bytes) - added by henry.wright 6 years ago.

Download all attachments as: .zip

Change History (4)

#1 @henry.wright
6 years ago

Keywords dev-feedback added

If wp_set_password() was rewritten to use the API, specifically wp_update_user(), then a notification would be sent. Thing is, it's a pluggable function. What's the policy on updating those things considering people could have their own implementation in a mu-plugins file?

@henry.wright
6 years ago

Attachment 41522.diff added

#2 @henry.wright
6 years ago

Keywords has-patch added

41522.diff rewrites wp_set_password() so that it uses wp_update_user(). wp_update_user() will hash the password so 41522.diff also removes the use of wp_hash_password() from wp_set_password().

#3 @SergeyBiryukov
6 years ago

Component changed from General to Users

Note: See TracTickets for help on using tickets.

Trac UI Preferences

Download in other formats:

Make WordPress Core