#45746 closed enhancement (fixed)
get_password_reset_key should use wp_update_user
Reported by: | spacedmonkey | Owned by: | SergeyBiryukov |
---|---|---|---|
Milestone: | 5.3 | Priority: | normal |
Severity: | normal | Version: | 4.4 |
Component: | Users | Keywords: | good-first-bug has-patch needs-testing |
Focuses: | Cc: |
Description
In the function, get_password_reset_key
, the user record is updated, however this function call doesn't use wp_update_user
(wp_insert_user
), none of the actions or filters are run. Worse yet, the clean_user_cache
function and actions are not called.
Attachments (2)
Change History (13)
#4
@
6 years ago
Thanks @jayswadas for the patch.
Looking at the patch, there a couple of issues, I had with it. I would change it the following
$key_saved = wp_update_user( array( 'ID' => $user->ID, 'user_activation_key' => $hashed, 'user_login' => $user->user_login ) );
if ( is_wp_error( $key_saved ) ) {
return $key_saved;
}
Couple of differences.
- Removed
clean_user_cache
call, as this is already classed inwp_update_user
- Check the value
$key_saved
and return. Aswp_update_user
doesn't allows successfully.
If you can update the patch @jayswadas and run the phpunit tests, we could nearly be there.
#6
@
5 years ago
@spacedmonkey I applied the latest patch submitted by @jayswadas (45746-2.diff) and run the phpunit tests.
This is the phpunit output.
OK, but incomplete, skipped, or risky tests! Tests: 9634, Assertions: 73861, Skipped: 39.
I'm not entirely sure if this is good enough because of the skipped tests.
This ticket was mentioned in Slack in #core by donmhico. View the logs.
5 years ago
#8
@
5 years ago
- Milestone changed from Awaiting Review to 5.3
- Owner set to SergeyBiryukov
- Status changed from new to reviewing
Related: #45745