WordPress.org

Make WordPress Core

Opened 6 weeks ago

Last modified 6 weeks ago

#42389 new defect (bug)

Wrong password on confirmation page after manual activation of additional sub sites

Reported by: joelcj91 Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 4.8.2
Component: Networks and Sites Keywords: has-patch has-screenshots
Focuses: multisite Cc:

Description

In a multisite installation, we use wp-activate.php to activate a site using an activation key. Normally when users can register multiple sites using the same account, we ask them to manually click on activation link from email only once (on initial registration). Sometimes when we decide to enable manual activation for all new sites (even if the user has another site registered already), wp-activate.php will show wrong login credentials on the confirmation page. This is because wpmu_activate_signup returns newly generated password which was not used as the user account already exists.

I think currently it is not possible to enable manual activation for additional sites from WordPress without using custom plugin/code. But sometimes when we require this feature, WordPress will show a wrong password on the confirmation page, which will confuse the user.

https://i.imgur.com/Ua3rgEp.png

On the above screenshot, the password was wrong as the user protest already exist, but WordPress generated a new password. The new password was generated to use if new user account is being created. But in this case, user account was not created. See wp-includes/ms-functions.php line #1031.

Attachments (1)

42389.patch (2.3 KB) - added by joelcj91 6 weeks ago.
Let wp-activate.php know that if user was created or not

Download all attachments as: .zip

Change History (2)

@joelcj91
6 weeks ago

Let wp-activate.php know that if user was created or not

#1 @joelcj91
6 weeks ago

  • Keywords has-patch has-screenshots added
Note: See TracTickets for help on using tickets.