AGG777 slot login.Makakuha ng libreng 700pho sa bawat deposito

Forum Replies Created

Viewing 4 replies - 1 through 4 (of 4 total)

Forum: Plugins
In reply to: [Theme My Login] Password reset links always comes up "expired"

finglandj
(@finglandj)

9 years, 6 months ago

This appears to be fixed in TML 6.4.1 beta

Forum: Plugins
In reply to: [Theme My Login] Password reset links always comes up "expired"
finglandj
(@finglandj)

9 years, 6 months ago
So I did a little digging on this:

WordPress 4.2.3 had

$hashed = $wp_hasher->HashPassword( $key );

WordPress 4.3 has

$hashed = time() . ':' . $wp_hasher->HashPassword( $key );

TML 6.3.9 has
```
$key = wp_generate_password( 20, false );
do_action( 'retrieve_password_key', $user_login, $key );
// Now insert the new md5 key into the db
$wpdb->update( $wpdb->users, array( 'user_activation_key' => $key ), array( 'user_login' => $user_login ) );
```
TML 6.3.12 has
```
$key = wp_generate_password( 20, false );
do_action( 'retrieve_password_key', $user_login, $key );

// Now insert the key, hashed, into the DB.
if ( empty( $wp_hasher ) ) {
    require_once ABSPATH . WPINC . '/class-phpass.php';
    $wp_hasher = new PasswordHash( 8, true );
}
$hashed = $wp_hasher->HashPassword( $key );
$wpdb->update( $wpdb->users, array( 'user_activation_key' => $hashed ), array( 'user_login' => $user_login ) );
```
So there’s actually two issues in here in TML 6.3.12. The first one is that $key is generated but never actually used now. The second is that $hashed does not add the timestamp wordpress expects. TML still relies on the wordpress function check_password_reset_key() which is expecting the timestamp.
Forum: Plugins
In reply to: [W3 Total Cache] W3TC is DISCARDING Directory structure when using CDN
finglandj
(@finglandj)

11 years, 12 months ago
The problem is occurring because of an erroneous replacement.

There is a script:
```
(function(){
				var srcStrt = "https://cdn10.brovadoweddings.com/blog/wp-content/uploads/p4/images/",
					bioData = [{"filename":"biopic1_1303345244.jpg","url":""},{"filename":"biopic2_1303345256.jpg","url":""},{"filename":"biopic3_1303345281.jpg","url":""},{"filename":"biopic4_1303345304.jpg","url":""}],
					picNum  = Math.floor(Math.random()*(bioData.length)),
					markup  = '<img id="biopic" src="'+srcStrt+bioData[picNum].filename+'" width="260" height="390" alt="MN Wedding Photography | Minneapolis Wedding Photographers | Engagement Photographer bio picture" class="bio-col" />';
				if ( bioData[picNum].url ) {
					markup = '<a href="'+bioData[picNum].url+'">'+markup+'</a>';
				}
				document.write(markup);
			})();
```
srcStart is getting modified by uri_to_cdn_uri which trims the trailing slash.

uri_to_cdn_uri is in w3-total-cache/lib/W3/Plugin/CdnCommon.php
Lines 544 and 550 trim slashes from the returned url. Changing those to an ltrim ensures the directory structure is maintained.
Forum: Plugins
In reply to: [Solid Security – Password, Two Factor Authentication, and Brute Force Protection] Filter Suspicious Query Strings breaks password reset (with solution)

finglandj
(@finglandj)

12 years, 3 months ago

I just encountered the same issue. Thanks pakeller for identifying the problem.

Viewing 4 replies - 1 through 4 (of 4 total)