Privacy: Remove unnecessary `WP_Error` when handling `confirmaction` requests.
By reordering the logic when handling the `confirmaction` action in `wp-login.php`, the need for a new `WP_Error` object to be created can be eliminated. The error message can be passed directly into a `wp_die()` call, matching the other validation errors in related code. Props garrett-eclipse, birgire. Fixes #44901. git-svn-id: https://develop.svn.wordpress.org/trunk@44931 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Jonathan Desrosiers
parent
bdba41f9da
commit
d941cf62ee
|
|
@ -853,17 +853,16 @@ switch ( $action ) {
|
|||
|
||||
case 'confirmaction':
|
||||
if ( ! isset( $_GET['request_id'] ) ) {
|
||||
wp_die( __( 'Invalid request.' ) );
|
||||
wp_die( __( 'Missing request ID.' ) );
|
||||
}
|
||||
|
||||
if ( ! isset( $_GET['confirm_key'] ) ) {
|
||||
wp_die( __( 'Missing confirm key.' ) );
|
||||
}
|
||||
|
||||
$request_id = (int) $_GET['request_id'];
|
||||
|
||||
if ( isset( $_GET['confirm_key'] ) ) {
|
||||
$key = sanitize_text_field( wp_unslash( $_GET['confirm_key'] ) );
|
||||
$result = wp_validate_user_request_key( $request_id, $key );
|
||||
} else {
|
||||
$result = new WP_Error( 'invalid_key', __( 'Invalid key' ) );
|
||||
}
|
||||
|
||||
if ( is_wp_error( $result ) ) {
|
||||
wp_die( $result );
|
||||
|
|
|
|||
Loading…
Reference in New Issue