[wp-trac] [WordPress Trac] #33699: Hidden password input fields should default to disabled="disabled"
WordPress Trac
noreply at wordpress.org
Fri Nov 20 21:45:41 UTC 2015
#33699: Hidden password input fields should default to disabled="disabled"
--------------------------+---------------------------------------------
Reporter: raamdev | Owner: ocean90
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: 4.4
Component: Users | Version: 4.3
Severity: normal | Resolution:
Keywords: needs-patch | Focuses: ui, javascript, administration
--------------------------+---------------------------------------------
Comment (by adamsilverstein):
[attachment:33699.6.diff] resolves the underlying issue where we were
inadvertently submitting the fields disabled and their value was never
passed to PHP. This patch ensures the fields get enabled before the
submission occurs. I verified that I no longer get a PHP notice when
adding a new user.
Once possible issue would be that if validation fails (for example,
omitting the email address), the fields would be enabled again. I don't
think the password managers would then attempt to autofill these fields,
because I think they only check for password fields on page load; however
I am unable to reproduce the original issue consistently.
@raamdev or @JasWSInc can you check @ocean90's patch to see if you see any
of the original issue recurring after applying this patch: if possible,
please test the edit profile screen and try submitting the form with a
validation error (for example, change the email to something thats not an
email). submit, get the error, correct and resubmit; then verify the
password wasn’t inadvertently changed.
Thanks!
--
Ticket URL: <https://core.trac.wordpress.org/ticket/33699#comment:28>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list