From 03a18d42ce55fc881270fc43fa4b1f4db9db978f Mon Sep 17 00:00:00 2001
From: Matt Mullenweg <matt@git.wordpress.org>
Date: Tue, 23 Dec 2003 21:19:30 +0000
Subject: [PATCH] Don't send out password if account doesn't exist, error out.
 We should improve error handling in this script.

git-svn-id: https://develop.svn.wordpress.org/trunk@645 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-login.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/wp-login.php b/wp-login.php
index f0789de8c8..ffef0a2140 100644
--- a/wp-login.php
+++ b/wp-login.php
@@ -208,6 +208,7 @@ case 'retrievepassword':
 	$user_email = $user_data->user_email;
 	$user_pass = $user_data->user_pass;
 
+	if (!$user_email) die('Sorry, that user does not seem to exist in our database. Perhaps you have the wrong username?');
 	$message  = "Login: $user_login\r\n";
 	$message .= "Password: $user_pass\r\n";