[buddypress-trac] [BuddyPress Trac] #5575: Deleting Users in Manage Signups Leaving Database Entries

buddypress-trac noreply at wordpress.org
Wed Apr 23 15:31:35 UTC 2014


#5575: Deleting Users in Manage Signups Leaving Database Entries
-------------------------------------------------+-------------------------
 Reporter:  aaclayton                            |       Owner:
     Type:  defect (bug)                         |      Status:  new
 Priority:  high                                 |   Milestone:  2.0.1
Component:  Administration                       |     Version:  2.0
 Severity:  major                                |  Resolution:
 Keywords:  needs-testing has-patch reporter-    |
  feedback 2nd-opinion                           |
-------------------------------------------------+-------------------------

Comment (by boonebgorges):

 What is the purpose of the "extra security" check? What's the scenario
 we're protecting against? (Obviously, cases where the activation_key
 doesn't match. But when does this happen? Is it when a plugin is
 interfering in the registration process? If this is the case, what is the
 danger of deleting the user account, given that user_status=2 *and* the
 signup ID has been passed to the `delete` method? Just trying to get a
 grasp on the point of having the check in the first place.)

--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/5575#comment:2>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac


More information about the buddypress-trac mailing list