mirror_php/wordpress
1
0
Fork 0
mirror of git://develop.git.wordpress.org/ synced 2025-02-07 08:04:27 +01:00
Code Issues Actions 10 Packages Projects Releases Wiki Activity

Users: Fetch user by login in retrieve_password() if not found by email.

Browse Source 
This ensures that sending a password reset link works as expected if the user's login and email were initially the same, but the email address was subsequently updated and no longer matches the login, which is still set to the old address.

Follow-up to [6643], [18513], [19056], [37474], [50129], [50140].

Props donmhico, pbearne, azouamauriac, boblindner, daxelrod, audrasjb, SergeyBiryukov.
Fixes #53634.

git-svn-id: https://develop.svn.wordpress.org/trunk@54477 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Sergey Biryukov 2022-10-11 13:43:20 +00:00
parent 5e383d8209
commit d136e57d63
2 changed files with 26 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/wp-includes/user.php
View File

@ -3038,15 +3038,22 @@ function retrieve_password( $user_login = null ) {
$user_login = $_POST['user_login'];
}
$user_login = trim( wp_unslash( $user_login ) );
if ( empty( $user_login ) ) {
$errors->add( 'empty_username', __( '<strong>Error:</strong> Please enter a username or email address.' ) );
} elseif ( strpos( $user_login, '@' ) ) {
$user_data = get_user_by( 'email', trim( wp_unslash( $user_login ) ) );
$user_data = get_user_by( 'email', $user_login );
if ( empty( $user_data ) ) {
$user_data = get_user_by( 'login', $user_login );
}
if ( empty( $user_data ) ) {
$errors->add( 'invalid_email', __( '<strong>Error:</strong> There is no account with that username or email address.' ) );
}
} else {
$user_data = get_user_by( 'login', trim( wp_unslash( $user_login ) ) );
$user_data = get_user_by( 'login', $user_login );
}
/**

21
tests/phpunit/tests/user/retrievePassword.php
View File

@ -47,8 +47,7 @@ class Tests_User_RetrievePassword extends WP_UnitTestCase {
* @ticket 54690
*/
public function test_retrieve_password_reset_notification_email() {
$message = 'Sending password reset notification email failed.';
$this->assertNotWPError( retrieve_password( $this->user->user_login ), $message );
$this->assertNotWPError( retrieve_password( $this->user->user_login ), 'Sending password reset notification email failed.' );
}
/**
@ -64,7 +63,21 @@ class Tests_User_RetrievePassword extends WP_UnitTestCase {
}
);
$message = 'Sending password reset notification email succeeded.';
$this->assertWPError( retrieve_password( $this->user->user_login ), $message );
$this->assertWPError( retrieve_password( $this->user->user_login ), 'Sending password reset notification email succeeded.' );
}
/**
* @ticket 53634
*/
public function test_retrieve_password_should_fetch_user_by_login_if_not_found_by_email() {
self::factory()->user->create(
array(
'user_login' => 'foo@example.com',
'user_email' => 'bar@example.com',
)
);
$this->assertTrue( retrieve_password( 'foo@example.com' ), 'Fetching user by login failed.' );
$this->assertTrue( retrieve_password( 'bar@example.com' ), 'Fetching user by email failed.' );
}
}