[wp-trac] [WordPress Trac] #24617: Spammed users should not be able to reset their password

WordPress Trac noreply at wordpress.org
Sat Apr 16 18:34:06 UTC 2016


#24617: Spammed users should not be able to reset their password
-------------------------------------------------+-------------------------
 Reporter:  r-a-y                                |       Owner:
     Type:  defect (bug)                         |  websupporter
 Priority:  normal                               |      Status:  assigned
Component:  Users                                |   Milestone:  4.6
 Severity:  normal                               |     Version:  3.0
 Keywords:  good-first-bug has-patch has-unit-   |  Resolution:
  tests                                          |     Focuses:  multisite
-------------------------------------------------+-------------------------

Comment (by websupporter):

 Hi @jeremyfelt, if we just put `$allow` to false, we retun `Password reset
 is not allowed for this user` as the standard not allowed. Or we go with
 an extra message `disabled` where we might be able to keep the error code
 for some purposes specific.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/24617#comment:11>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list