[wp-trac] [WordPress Trac] #36405: User creation fails for users with long names.

Sun Apr 3 05:49:03 UTC 2016

#36405: User creation fails for users with long names.
--------------------------+-----------------------------
 Reporter:  cfinke        |      Owner:
     Type:  defect (bug)  |     Status:  new
 Priority:  normal        |  Milestone:  Awaiting Review
Component:  Users         |    Version:  trunk
 Severity:  normal        |   Keywords:
  Focuses:                |
--------------------------+-----------------------------
 Summary: When creating a user with a long first or last name, the query
 that inserts the user into the DB is assumed to have succeeded, but that
 fact is never verified.

 Sign in as an admin and create a new user, giving it the first name
 `ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQ`
 (or any 251-byte string). After submitting the form, you'll see a handful
 of error messages (line numbers are from trunk just now, but I can
 reproduce the bug as far back as 4.2.1):

 {{{
 Notice: Trying to get property of non-object in wp-includes/pluggable.php
 on line 1716
 Notice: Trying to get property of non-object in wp-includes/pluggable.php
 on line 1717
 Notice: Trying to get property of non-object in wp-includes/pluggable.php
 on line 1730
 Notice: Trying to get property of non-object in wp-includes/pluggable.php
 on line 1738
 Notice: Trying to get property of non-object in wp-includes/pluggable.php
 on line 1740
 Notice: Trying to get property of non-object in wp-includes/pluggable.php
 on line 1742
 Notice: Trying to get property of non-object in wp-includes/pluggable.php
 on line 1746

 Warning: Cannot modify header information - headers already sent by
 (output started at wp-includes/pluggable.php:1716) in wp-
 includes/pluggable.php on line 1171
 }}}

 What happens is that the `$wpdb->insert( $wpdb->users, $data + compact(
 'user_login' ) );` call in `wp_insert_user()` fails, but there's no check
 to ensure that it succeeded, so the code proceeds to try and create a new
 `WP_User` with ID `0`. This results in unexpected behavior, like sending a
 "New User Registration" email to the admin with blank "Username" and
 "Email" values.

 The failure is due to `$wpdb->process_fields()` calling
 `$wpdb->strip_invalid_text()`, which truncates the `display_name` field
 (because the `display_name` field only allows 250 bytes), and because it
 then doesn't match the value passed into `$wpdb->process_fields()`, it
 returns `false`. So this isn't so much a bug about a text string that's
 too long, it's really a bug about not checking the return value of
 `$wpdb->insert()`.

 I think the resolution of #10377 is probably the same kind of approach
 that could be taken here, since the problems seem similar.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/36405>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform