Improve authentication routine
|Reported by:||r-a-y||Owned by:|
In bp_core_signup_disable_inactive() and bp_core_boot_spammer(), checks are done against the $username parameter.
This isn't necessary; we should just use the passed $auth_obj and do checks against that as some plugins might already take advantage of the 'authenticate' filter and the $auth_obj variable (like the WP Email Login plugin).
(This ticket was created because of an issue with BuddyPress and the WP Email Login plugin.)
In the attached patch, I have renamed $auth_obj to $user, changed the authentication logic and cleaned up the PHPDoc for these two functions.
Let me know if you guys have any Qs!