Improve the wp_set_password() PHPDoc with a note to guard against executing the function on every page load, such as through a theme's functions.php file.

See #28316. Built from https://develop.svn.wordpress.org/trunk@29461 git-svn-id: http://core.svn.wordpress.org/trunk@29239 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-27 06:42:56 +02:00 · 2014-08-10 02:39:16 +00:00 · 2014-08-10 02:39:16 +00:00 · 0f7d35597c
commit 0f7d35597c
parent d60a081137
1 changed files with 4 additions and 0 deletions
--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@ -2052,6 +2052,10 @@ if ( !function_exists('wp_set_password') ) :
 * For integration with other applications, this function can be overwritten to
 * instead use the other package password checking algorithm.
 *
+ * Please note: This function should be used sparingly and is really only meant for single-time
+ * application. Leveraging this improperly in a plugin or theme could result in an endless loop
+ * of password resets if precautions are not taken to ensure it does execute on every page load.
+ *
 * @since 2.5.0
 *
 * @uses $wpdb WordPress database object for queries