From b6a2f6a186f20fa04bb6f92b5283d1e6e55c78e4 Mon Sep 17 00:00:00 2001
From: ryan <ryan@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Tue, 11 Aug 2009 05:29:36 +0000
Subject: [PATCH] Enforce activation key to be a string.

git-svn-id: http://svn.automattic.com/wordpress/trunk@11799 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-login.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/wp-login.php b/wp-login.php
index 9e57f19b04..6ce312de68 100644
--- a/wp-login.php
+++ b/wp-login.php
@@ -187,7 +187,7 @@ function reset_password($key) {
 
 	$key = preg_replace('/[^a-z0-9]/i', '', $key);
 
-	if ( empty( $key ) || is_array( $key ) )
+	if ( empty( $key ) || !is_string( $key ) )
 		return new WP_Error('invalid_key', __('Invalid key'));
 
 	$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE user_activation_key = %s", $key));