Get WordPress

Make WordPress Core

Changeset 55301

Timestamp:
02/09/2023 01:29:42 AM (18 months ago)
Author:
SergeyBiryukov
Message:

Login and Registration: Set correct default values in wp_signon().

The $credentials['user_login'] and $credentials['user_password'] parameters are passed by reference to the wp_authenticate action, and are at that point created as null if they don't exist in the array.

This commit sets those values to an empty string, resolving two PHP 8.1 deprecation notices:

  • One from preg_replace() in wp_strip_all_tags() via sanitize_user() in wp_authenticate(): 
    Deprecated: preg_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated
  • One from trim() in wp_authenticate() itself: 
    Deprecated: trim(): Passing null to parameter #1 ($string) of type string is deprecated

Includes documenting the $credentials parameter using hash notation.

Follow-up to [6643], [37697].

Props lenasterg, TobiasBg, ocean90, afragen, lkraav, SergeyBiryukov.
Fixes #56850.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/wp-includes/user.php

    r55161 r55301  
    2727 * @global string $auth_secure_cookie
    2828 *
    29  * @param array       $credentials   Optional. User info in order to sign on.
     29 * @param array       $credentials {
     30 *     Optional. User info in order to sign on.
     31 *
     32 *     @type string $user_login    Username.
     33 *     @type string $user_password User password.
     34 *     @type bool   $remember      Whether to 'remember' the user. Increases the time
     35 *                                 that the cookie will be kept. Default false.
     36 * }
    3037 * @param string|bool $secure_cookie Optional. Whether to use secure cookie.
    3138 * @return WP_User|WP_Error WP_User on success, WP_Error on failure.
     
    3340function wp_signon( $credentials = array(), $secure_cookie = '' ) {
    3441    if ( empty( $credentials ) ) {
    35         $credentials = array(); // Back-compat for plugins passing an empty string.
     42        $credentials = array(
     43            'user_login'    => '',
     44            'user_password' => '',
     45            'remember'      => false,
     46        );
    3647
    3748        if ( ! empty( $_POST['log'] ) ) {

  • trunk/tests/phpunit/tests/auth.php

    r55250 r55301  
    443443        $_POST['pwd'] = $user_args['user_pass'];
    444444        $this->assertInstanceOf( 'WP_User', wp_signon() );
     445
     446
     447
     448
     449
     450
     451
     452
     453
     454
     455
     456
     457
     458
     459
     460
     461
     462
     463
    445464    }
    446465
Note: See TracChangeset for help on using the changeset viewer.