[wp-trac] [WordPress Trac] #35715: edit_user() doesn't check for empty password (pass1).
WordPress Trac
noreply at wordpress.org
Tue Mar 22 22:10:55 UTC 2016
#35715: edit_user() doesn't check for empty password (pass1).
-------------------------------------------------+-------------------------
Reporter: gitlost | Owner: ocean90
Type: defect (bug) | Status: accepted
Priority: normal | Milestone: 4.5
Component: Users | Version: 4.4
Severity: normal | Resolution:
Keywords: good-first-bug has-patch has- | Focuses:
screenshots |
-------------------------------------------------+-------------------------
Comment (by adamsilverstein):
@ocean90 looks good, thanks for cleaning up the remaining doc blocks. I
checked the functionality and everything worked fine, i see the error
message if i try to use a blank password.
I did notice one unintended consequence of the second password comparison
change: if i edit an existing user and enter a password only in the pass2
field, i don't get an error. Not sure if password actually updated, but
should show an error.
Conditional should likely be, i tested this, patch incoming:
`if ( ( $update || strlen( $pass1 ) ) && $pass1 != $pass2 ) {`
--
Ticket URL: <https://core.trac.wordpress.org/ticket/35715#comment:24>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list