10h30/ultimatemember
1
0
Fork 0
mirror of https://github.com/10h30/ultimatemember.git synced 2026-06-05 15:09:37 +09:00
Code Issues Packages Projects Releases Wiki Activity

Fix reset password validation

Browse Source
This commit is contained in:
champsupertramp
2016-09-12 16:51:58 +08:00
parent d62c6e6e10
commit 7d49246b7b
2 changed files with 12 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
core/um-fields.php
+5 -1
View File
@@ -2255,8 +2255,12 @@ class UM_Fields {
if ( isset( $data['label'] ) ) {
$output .= $this->field_label($label, $key, $data);
}
$res = $this->field_value( $key, $default, $data );
$res = stripslashes( $this->field_value( $key, $default, $data ) );
if( ! empty( $res ) ){
$res = stripslashes( $res );
}
$res = apply_filters("um_view_field_value_{$type}", $res, $data );
core/um-password.php
+7 -1
View File
@@ -29,7 +29,9 @@ class UM_Password {
um_fetch_user( $user_id );
if ( $_REQUEST['hash'] != um_user('reset_pass_hash') ) wp_die( __('This is not a valid hash, or it has expired.','ultimatemember') );
if ( $_REQUEST['hash'] != um_user('reset_pass_hash') ){
wp_die( __('This is not a valid hash, or it has expired.','ultimatemember') );
}
$ultimatemember->user->profile['reset_pass_hash_token'] = current_time( 'timestamp' );
$ultimatemember->user->update_usermeta_info('reset_pass_hash_token');
@@ -50,6 +52,10 @@ class UM_Password {
if ( !um_user('reset_pass_hash') ) return false;
$user_id = um_user('ID');
delete_option( "um_cache_userdata_{$user_id}" );
$url = add_query_arg( 'act', 'reset_password', um_get_core_page('password-reset') );
$url = add_query_arg( 'hash', esc_attr( um_user('reset_pass_hash') ), $url );
$url = add_query_arg( 'user_id', esc_attr( um_user('ID') ), $url );