Don't send out password if account doesn't exist, error out. We should improve error handling in this script.

git-svn-id: https://develop.svn.wordpress.org/trunk@645 602fd350-edb4-49c9-b593-d223f7449a82
2003-12-23 21:19:30 +00:00 · 2003-12-23 21:19:30 +00:00 · 03a18d42ce
parent 820a9b486b
commit 03a18d42ce
1 changed files with 1 additions and 0 deletions
--- a/wp-login.php
+++ b/wp-login.php
@ -208,6 +208,7 @@ case 'retrievepassword':
 	$user_email = $user_data->user_email;
 	$user_pass = $user_data->user_pass;

+	if (!$user_email) die('Sorry, that user does not seem to exist in our database. Perhaps you have the wrong username?');
 	$message  = "Login: $user_login\r\n";
 	$message .= "Password: $user_pass\r\n";