Opened 13 years ago
Closed 13 years ago
#4245 closed defect (bug) (fixed)
Improve authentication routine
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | 1.6 | Priority: | normal |
| Severity: | normal | Version: | 1.5 |
| Component: | Members | Keywords: | has-patch |
| Cc: |
Description
In bp_core_signup_disable_inactive() and bp_core_boot_spammer(), checks are done against the $username parameter.
This isn't necessary; we should just use the passed $auth_obj and do checks against that as some plugins might already take advantage of the 'authenticate' filter and the $auth_obj variable (like the WP Email Login plugin).
(This ticket was created because of an issue with BuddyPress and the WP Email Login plugin.)
In the attached patch, I have renamed $auth_obj to $user, changed the authentication logic and cleaned up the PHPDoc for these two functions.
Let me know if you guys have any Qs!
Attachments (1)
Change History (3)
#2
@
13 years ago
- Resolution set to fixed
- Status changed from new to closed
(In [6072]) Cleans up the authentication checks for spammers and inactive users
- Saves a lookup by examining the $auth_obj passed from the 'authenticate' hook instead of looking the user up by $username, in both bp_core_boot_spammer() and bp_core_signup_disable_inactive()
- Updates documentation for the relevant functions
Fixes #4245
Props r-a-y
Good call, r-a-y - this looks right. I'm going to do some more testing in the next day or two, but it looks like it should be doable for this release.