Opened 16 years ago
Closed 16 years ago
#8250 closed defect (bug) (worksforme)
Activation Key to be urlencoded in retrieve password mail
Reported by: | f00f | Owned by: | |
---|---|---|---|
Milestone: | Priority: | high | |
Severity: | normal | Version: | 2.5.1 |
Component: | General | Keywords: | has-patch wp-login lost-password retrieve-password |
Focuses: | Cc: |
Description
Hi,
it happened to one of my users, that the activation key mailed to him when he wanted to reset his pwd contained a pound sign (#). The result was that he got an "invalid key" error, because the pound and everything thereafter was not considered part of the key parameter.
Solution: urlencode the key in the link mailed to the users, see patch.
Tested on 2.5.1 and current svn version (close to 2.7)
Attachments (1)
Change History (4)
Note: See
TracTickets for help on using
tickets.
This should have been fixed as part of #6842
There is some discussion of it there. Believe it was sorted in 2.6.