[wp-trac] [WordPress Trac] #26805: Email with Apostrophe May Not Update in Multisite
WordPress Trac
noreply at wordpress.org
Tue Feb 26 22:50:32 UTC 2019
#26805: Email with Apostrophe May Not Update in Multisite
--------------------------+------------------------------
Reporter: contrid | Owner: (none)
Type: defect (bug) | Status: reopened
Priority: normal | Milestone: Awaiting Review
Component: Users | Version: 3.8
Severity: normal | Resolution:
Keywords: has-patch | Focuses: multisite
--------------------------+------------------------------
Changes (by boonebgorges):
* milestone: => Awaiting Review
Comment:
We can try to fix this, but there's a deeper problem here.
Backing up for a moment, the line in question
https://core.trac.wordpress.org/browser/tags/5.1/src/wp-admin/user-
edit.php#L154 is intended to do the following: When editing a user's email
address, look for rows in `wp_signups` that match the login of the edited
user, and update the email address there as well. As far as I can see,
this `signups` update has not worked since [12842]. Prior to that
changeset, the `$user_login` variable was defined (see
https://core.trac.wordpress.org/browser/trunk/wp-
admin/includes/ms.php?annotate=blame&rev=12841&marks=1166,1168#L1164).
After that changeset, `$user_login` was no longer supplied, causing the
update to fail. For reference, this functionality was introduced in
https://mu.trac.wordpress.org/changeset/1854.
I'm attaching a patch that fixes both issues - the apostrophe issue and
the `signups` issue - but I'm somewhat concerned that this bug is so baked
into the behavior of WordPress Multisite that it may now be considered a
feature. Plugins etc may now consider `user_email` in `signups` to be an
immutable field, and it could conceivably cause problems to start changing
it now. For this reason, I lean toward removing this block altogether. Cc
@jeremyfelt in case he has some deep wisdom here.
I didn't see any other uses of `is_email()` that take slashed data, but I
may have missed something.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/26805#comment:16>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list