[wp-trac] [WordPress Trac] #56787: Recovery mode tokens can't be validated successfully if pluggable function wp_check_password is overwritten.
WordPress Trac
noreply at wordpress.org
Tue Feb 21 15:57:51 UTC 2023
#56787: Recovery mode tokens can't be validated successfully if pluggable function
wp_check_password is overwritten.
-------------------------------------------------+-------------------------
Reporter: calvinalkan | Owner:
| TimothyBlynJacobs
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 6.2
Component: Site Health | Version: 5.2
Severity: normal | Resolution: fixed
Keywords: needs-testing has-patch has- | Focuses:
testing-info |
-------------------------------------------------+-------------------------
Changes (by TimothyBlynJacobs):
* status: accepted => closed
* resolution: => fixed
Comment:
In [changeset:"55397" 55397]:
{{{
#!CommitTicketReference repository="" revision="55397"
Recovery Mode: Use PasswordHash API directly when validating keys.
Previously, the wp_check_password function was used for validating keys,
while the PasswordHash class was used for creating keys. This would
prevent Recovery Mode from working on sites that provide a custom
implementation for the wp_check_password pluggable function.
Props calvinalkan.
Fixes #56787.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/56787#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list