Forum Replies Created
-
Claudia Dell’OrmeParticipant# 2 years, 7 months ago
The problem is that: the stored user_activaction_key (table wp_users) is not hashed but it’s saved as plain text.
Can u fix that?
Claudia Dell’OrmeParticipant# 2 years, 7 months agoThe exception is in wp-user.php:
if ( hash_equals( $user->user_activation_key, $key )) { $return = new WP_Error( 'expired_key', __( 'Invalid key. '); $user_id = $user->ID;
There are a comment:
/** * Filters the return value of check_password_reset_key() when an * old-style key is used. * * @since 3.7.0 Previously plain-text keys were stored in the database. * @since 4.3.0 Previously key hashes were stored without an expiration time. * * @param WP_Error $return A WP_Error object denoting an expired key. * Return a WP_User object to validate the key. * @param int $user_id The matched user ID. */
Claudia Dell’OrmeParticipant# 2 years, 7 months agoSame problem. How to fix it?
Viewing 3 posts - 1 through 3 (of 3 total)