An astute user pointed out to me this morning that there is a bug in WP-Members 2.5.3 (Thanks Tom!!)
When a new user registers, a random password is emailed to that user. The password being sent is invalid.
Upon receiving this information, I immediately looked into it and found that there is indeed a flaw in the password that is being sent to the database when the user registers.
Although I am working on this right now so that we can get a bug free release out right away, if you are using WP-Members 2.5.3 on a production system, I would recommend that you roll back to 2.5.2 which does not contain this bug. I’ll have an update out today that corrects this.
I want to take a moment to say that I appreciate all of the users of this buy ed pills online plugin. I have always strived to keep it a professional product so I am extremely frustrated when a major issue creeps up after a release. If you affected by this, please accept my apologies.
Update:
The bug stems from a change in wpmem_registration, moving from using a $wpdb query to insert the user to using the wp_insert_user function. The direct query required me to hash the password prior to insert. wp_insert_user hashes the password as part of the insert process, so since I was passing it a hashed password, it was going into the db double hashed.
Resolved:
This bug as been corrected and a new release packaged and uploaded to wordpress.org. Please be sure to update!
Enjoyed this article?
Don't miss a single post. Subscribe to our RSS feed!