+ list( $rp_path ) = explode( '?', wp_unslash( $_SERVER['REQUEST_URI'] ) );
+ $rp_cookie = 'wp-resetpass-' . COOKIEHASH;
+ if ( isset( $_GET['key'] ) ) {
+ $value = sprintf( '%s:%s', wp_unslash( $_GET['login'] ), wp_unslash( $_GET['key'] ) );
+ setcookie( $rp_cookie, $value, 0, $rp_path, COOKIE_DOMAIN, is_ssl(), true );
+ wp_safe_redirect( remove_query_arg( array( 'key', 'login' ) ) );
+ exit;
+ }
+
+ if ( isset( $_COOKIE[ $rp_cookie ] ) && 0 < strpos( $_COOKIE[ $rp_cookie ], ':' ) ) {
+ list( $rp_login, $rp_key ) = explode( ':', wp_unslash( $_COOKIE[ $rp_cookie ] ), 2 );
+ $user = check_password_reset_key( $rp_key, $rp_login );
+ } else {
+ $user = false;
+ }