[wp-trac] [WordPress Trac] #35715: edit_user() doesn't check for empty password (pass1).

WordPress Trac noreply at wordpress.org
Tue Mar 22 23:11:26 UTC 2016


#35715: edit_user() doesn't check for empty password (pass1).
-------------------------------------------------+-------------------------
 Reporter:  gitlost                              |       Owner:  ocean90
     Type:  defect (bug)                         |      Status:  closed
 Priority:  normal                               |   Milestone:  4.5
Component:  Users                                |     Version:  4.4
 Severity:  normal                               |  Resolution:  fixed
 Keywords:  good-first-bug has-patch has-        |     Focuses:
  screenshots                                    |
-------------------------------------------------+-------------------------

Comment (by ocean90):

 So, after 7 weeks we're back to comment:1. :-)

 Replying to [comment:6 wesleye]:
 > The only thing I'm woried about is that the function will fail if the
 passwords have been set to 0. This was also the case with the original
 code, so I've not added code to fix this. Is this something we want?

 This part was excluded from [37059]. Since there a few `empty()` checks
 through the codebase, including the login form, it makes sense to open a
 new ticket for this. Although I'm not sure if it's really worth the
 effort. Is there a real use case for it?

--
Ticket URL: <https://core.trac.wordpress.org/ticket/35715#comment:27>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list