Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-06-26 06:45:07 +02:00
Code Issues Projects Releases Wiki Activity

Users: Check that a valid user is passed to get_password_reset_key().

Browse Source 
Props edocev.
Fixes #44601.


Built from https://develop.svn.wordpress.org/trunk@44602


git-svn-id: http://core.svn.wordpress.org/trunk@44433 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Gary Pendergast 2019-01-15 06:27:49 +00:00
parent a5d8a6bde3
commit 8ddef3e98d
2 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
wp-includes/user.php
View File

@ -2217,6 +2217,10 @@ function wp_get_password_hint() {
function get_password_reset_key( $user ) { function get_password_reset_key( $user ) {
global $wpdb, $wp_hasher; global $wpdb, $wp_hasher;
if ( ! ( $user instanceof WP_User ) ) {
return new WP_Error( 'invalidcombo', __( '<strong>ERROR</strong>: There is no account with that username or email address.' ) );
}
/** /**
* Fires before a new password is retrieved. * Fires before a new password is retrieved.
* *

2
wp-includes/version.php
View File

@ -13,7 +13,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '5.1-beta1-44601'; $wp_version = '5.1-beta1-44602';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.