[wp-trac] [WordPress Trac] #34160: PHP notice if post_password field is missing from postpass request
WordPress Trac
noreply at wordpress.org
Tue Oct 6 19:08:39 UTC 2015
#34160: PHP notice if post_password field is missing from postpass request
----------------------------------------+------------------------------
Reporter: johnbillion | Owner:
Type: defect (bug) | Status: new
Priority: low | Milestone: Awaiting Review
Component: Login and Registration | Version:
Severity: normal | Resolution:
Keywords: needs-patch good-first-bug | Focuses:
----------------------------------------+------------------------------
Comment (by iamfriendly):
I know this is tagged as good for a first bug (and this isn't my first
bug) but ran across this on a site and needed to get a fix up.
The attached patch checks for existence of the 'post_passsword' array key
in the $_POST superglobal and if it isn't set redirects to the referrer.
Prevents PHP warning.
Not entirely sure if this is the absolute best thing to do, happy to take
on suggestions for how to make this better across the board - i.e. if
someone actually access wp-login.php?action=postpass directly, previously
they got a whitescreen (and if you have debug turned on it tells you about
the PHP warning and also that headers can't be modified). With this patch,
there's no warnings but it's still a whitescreen. What would be the
preferred output here? a wp_die() perhaps?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/34160#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list