[wp-trac] [WordPress Trac] #35715: edit_user() doesn't check for empty password (pass1).

WordPress Trac noreply at wordpress.org
Wed Mar 16 01:52:05 UTC 2016

#35715: edit_user() doesn't check for empty password (pass1).
 Reporter:  gitlost                              |       Owner:
     Type:  defect (bug)                         |  SergeyBiryukov
 Priority:  normal                               |      Status:  reviewing
Component:  Users                                |   Milestone:  4.5
 Severity:  normal                               |     Version:  4.4
 Keywords:  needs-testing good-first-bug has-    |  Resolution:
  patch                                          |     Focuses:

Comment (by gitlost):

 @wesleye is your IDE re-formatting stuff automatically? I've uploaded a
 version with code standard styled unit tests plus took the liberty of
 rejigging the pass1 test to be more "natural", ie follows a pattern which
 could be added as a function so it can be used as a drop-in replacement
 for `empty()` when testing `$_REQUEST` strings eg

  * Drop-in substitute for PHP empty(), when testing against strings, doing
 exact zero-byte string match. In particular excludes '0'.
  * Returns true if val is unset, null, or '' (ie same as empty() except
 returns false on 0, 0.0, '0', array() and false).
 function wp_blank( &$val ) {
         return ! isset( $val ) || '' === $val;


Ticket URL: <https://core.trac.wordpress.org/ticket/35715#comment:10>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list