[wp-trac] [WordPress Trac] #8250: Activation Key to be urlencoded
in retrieve password mail
WordPress Trac
wp-trac at lists.automattic.com
Sun Nov 16 23:09:07 GMT 2008
#8250: Activation Key to be urlencoded in retrieve password mail
---------------------+------------------------------------------------------
Reporter: f00f | Owner: anonymous
Type: defect | Status: new
Priority: high | Milestone: 2.7
Component: General | Version: 2.5.1
Severity: normal | Keywords: has-patch wp-login lost-password retrieve-password
---------------------+------------------------------------------------------
Hi,
it happened to one of my users, that the activation key mailed to him when
he wanted to reset his pwd contained a pound sign (#). The result was that
he got an "invalid key" error, because the pound and everything thereafter
was not considered part of the key parameter.
Solution: urlencode the key in the link mailed to the users, see patch.
Tested on 2.5.1 and current svn version (close to 2.7)
--
Ticket URL: <http://trac.wordpress.org/ticket/8250>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list