[wp-trac] [WordPress Trac] #40214: Some WP instances prematurelly try to do capability tests, before the user object is loaded
WordPress Trac
noreply at wordpress.org
Tue Mar 21 08:22:30 UTC 2017
#40214: Some WP instances prematurelly try to do capability tests, before the user
object is loaded
-----------------------------+-----------------------------
Reporter: dffnbfee | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Role/Capability | Version: 4.7.3
Severity: normal | Keywords:
Focuses: |
-----------------------------+-----------------------------
What happens is that an empty deserialized stdObject is passed (probably
too early) to the WP_user object and the _wp_get_current_user function
mistakenly presumes the WP_user object to be properly initialized, thus it
prevents the administrators (in fact anyone from doing anything that need
capability checking) from accesing the protected page.
A quick fix for the solution was this:
users.php 2487
changed from:
if ( ! empty( $current_user )) {
changed to:
if ( ! empty( $current_user ) && isset($current_user->data->id)) {
This is a strange bug... it didn't effect my staging boxes running on
7.0.8 but it did effect all my boxes running 7.0.15+
It seems to me very unbeliavable that such little change can do harm, but
I can reproduce it everytime I try to move the project to a box.
Sorry I'm not a WP boy but do move sites requllary and I haven't
experienced such behavior with 4.6 or earlier.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/40214>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list