Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2025-02-10 17:41:56 +01:00
Code Issues Projects Releases Wiki Activity

Shorten key and action name to avoid long links that break in mail clients.

Browse Source 
git-svn-id: http://svn.automattic.com/wordpress/trunk@3731 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2006-04-20 21:44:14 +00:00
parent c6e1adf128
commit 199618e3b5
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
wp-login.php
View File

@ -101,14 +101,14 @@ do_action('retreive_password', $user_login); // Misspelled and deprecated.
do_action('retrieve_password', $user_login);
// Generate something random for a password... md5'ing current time with a rand salt
$key = substr( md5( uniqid( microtime() ) ), 0, 50);
$key = substr( md5( uniqid( microtime() ) ), 0, 8);
// now insert the new pass md5'd into the db
$wpdb->query("UPDATE $wpdb->users SET user_activation_key = '$key' WHERE user_login = '$user_login'");
$message = __('Someone has asked to reset the password for the following site and username.') . "\r\n\r\n";
$message .= get_option('siteurl') . "\r\n\r\n";
$message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
$message .= __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.') . "\r\n\r\n";
$message .= get_settings('siteurl') . "/wp-login.php?action=resetpass&key=$key\r\n";
$message .= get_settings('siteurl') . "/wp-login.php?action=rp&key=$key\r\n";
$m = wp_mail($user_email, sprintf(__('[%s] Password Reset'), get_settings('blogname')), $message);
@ -125,7 +125,7 @@ do_action('retrieve_password', $user_login);
break;
case 'resetpass' :
case 'rp' :
// Generate something random for a password... md5'ing current time with a rand salt
$key = preg_replace('/a-z0-9/i', '', $_GET['key']);
if ( empty($key) )