10h30/ultimatemember
1
0
Fork 0
mirror of https://github.com/10h30/ultimatemember.git synced 2026-06-05 15:09:37 +09:00
Code Issues Packages Projects Releases Wiki Activity

Fix password reset cookie

Browse Source
This commit is contained in:
Champ Camba
2019-01-17 12:18:19 +08:00
parent b1c290b10e
commit 00ea16d24f
1 changed files with 14 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
includes/core/class-password.php
+14 -4
View File
@@ -286,9 +286,19 @@ if ( ! class_exists( 'um\core\Password' ) ) {
exit;
}
$rp_login = $userdata->user_login;
$value = sprintf( '%s:%s', $rp_login, wp_unslash( $_GET['hash'] ) );
setcookie( $rp_cookie, $value, 0, $rp_path, COOKIE_DOMAIN, is_ssl(), true );
wp_safe_redirect( remove_query_arg( array( 'hash', 'user_id' ) ) );
$rp_key = wp_unslash( $_GET['hash'] );
$user = check_password_reset_key( $rp_key, $rp_login );
if ( is_wp_error( $user ) ) {
setcookie( $rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true );
wp_redirect( add_query_arg( array( 'updated' => 'invalidkey' ), get_permalink() ) );
}else{
$value = sprintf( '%s:%s', $rp_login, wp_unslash( $_GET['hash'] ) );
setcookie( $rp_cookie, $value, 0, $rp_path, COOKIE_DOMAIN, is_ssl(), true );
wp_safe_redirect( remove_query_arg( array( 'hash', 'user_id' ) ) );
}
exit;
}
@@ -299,7 +309,7 @@ if ( ! class_exists( 'um\core\Password' ) ) {
$user = false;
}
if ( ! $user || is_wp_error( $user ) ) {
if ( ( ! $user || is_wp_error( $user ) ) && ! isset( $_GET['updated'] ) ) {
setcookie( $rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true );
if ( $user && $user->get_error_code() === 'expired_key' ) {
wp_redirect( add_query_arg( array( 'updated' => 'expiredkey' ), get_permalink() ) );