Changeset 10800 for trunk/src/bp-members/bp-members-screens.php

Timestamp:

05/24/2016 02:34:37 PM (10 years ago)

Author:

boonebgorges

Message:

Better hash building for activation keys, password reset keys, and filenames.

There is no need to use user-facing info for these hashes.

Props DJPaul, vortfu.

File:

• trunk/src/bp-members/bp-members-screens.php (modified) (1 diff)

trunk/src/bp-members/bp-members-screens.php

@@ -370 +370 @@
         }
 
-        $hashed_key = wp_hash( $key );
-
-        // Check if the signup avatar folder exists. If it does, move the folder to
-        // the BP user avatars directory.
-        if ( file_exists( bp_core_avatar_upload_path() . '/avatars/signups/' . $hashed_key ) ) {
-            @rename( bp_core_avatar_upload_path() . '/avatars/signups/' . $hashed_key, bp_core_avatar_upload_path() . '/avatars/' . $user );
-        }
-
         bp_core_add_message( __( 'Your account is now active!', 'buddypress' ) );
         $bp->activation_complete = true;