[wp-trac] [WordPress Trac] #20140: Ask old password to change user password
WordPress Trac
noreply at wordpress.org
Fri Aug 16 16:01:34 UTC 2013
#20140: Ask old password to change user password
------------------------------------+-----------------------
Reporter: nprasath002 | Owner:
Type: feature request | Status: assigned
Priority: normal | Milestone: 3.7
Component: Security | Version:
Severity: normal | Resolution:
Keywords: has-patch dev-feedback |
------------------------------------+-----------------------
Comment (by iandunn):
> Shouldn't we check whether that user can be edited by the current user
rather than saying only administrators can change a user's password?
The patch doesn't actually change any of the behavior related to
capabilities; I just wasn't being precise when I said "administrators".
The patch uses IS_PROFILE_PAGE to determine whether or not the extra
field should be generated and validated, so if there's a custom role that
can edit users then it shouldn't be affected at all.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/20140#comment:13>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list