[buddypress-trac] [BuddyPress Trac] #7227: Fatal error - Call to undefined function wp_generate_password() in bp-core\bp-core-options.php on line 77

buddypress-trac noreply at wordpress.org
Sat Aug 20 18:03:40 UTC 2016

#7227: Fatal error - Call to undefined function wp_generate_password() in bp-core
\bp-core-options.php on line 77
 Reporter:  r-a-y         |      Owner:
     Type:  defect (bug)  |     Status:  new
 Priority:  high          |  Milestone:  2.7
Component:  Core          |    Version:
 Severity:  major         |   Keywords:  has-patch
 If a plugin is activated and loads before the `'plugins_loaded'` hook and
 calls on one of these functions:

 * update_option()
 * update_site_option()
 * add_option()
 * add_site_option()

 You will get the `Call to undefined function wp_generate_password() in bp-
 core\bp-core-options.php on line 77` fatal error.

 The problem is caused by the `bp_core_clear_root_options_cache()`
 function, which is hooked to the above function hooks, and the
 introduction of the `bp-emails-unsubscribe-salt` root option in r10949,
 which uses `wp_generate_password()` in `bp_get_default_options()`.

 `wp_generate_password()` is only available via `wp-
 includes/pluggable.php`.  `wp-includes/pluggable.php` is loaded
 '''after''' plugins are included:

 So if a plugin uses either `update_option()`, `update_site_option()`,
 `add_option()` or `add_site_option()` before the `'plugins_loaded'` hook,
 you will get the fatal error described above.

 I've attached a patch that includes `pluggable.php` if it isn't available,
 which fixes the issue.

 I think we also have to audit the `bp_core_clear_root_options_cache()`
 function.  On a multisite network, do we have to check this function on
 all sub-sites?  Wouldn't it make sense to only use this function on the
 root blog?

Ticket URL: <https://buddypress.trac.wordpress.org/ticket/7227>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac

More information about the buddypress-trac mailing list