Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Users: In `edit_user()` check for a blank password when adding a user. 

Props wesleye, gitlost, adamsilverstein.
Fixes #35715.
Built from https://develop.svn.wordpress.org/trunk@37059


git-svn-id: http://core.svn.wordpress.org/trunk@37026 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Dominik Schilling 2016-03-22 23:07:27 +00:00
parent a5ade333e1
commit 6c81a0cbf6
2 changed files with 13 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
wp-admin/includes/user.php
View File

@ -113,7 +113,6 @@ function edit_user( $user_id = 0 ) {
$errors->add( 'nickname', __( '<strong>ERROR</strong>: Please enter a nickname.' ) );
}
/* checking the password has been typed twice */
/**
* Fires before the password and confirm password fields are checked for congruity.
*
@ -125,13 +124,20 @@ function edit_user( $user_id = 0 ) {
*/
do_action_ref_array( 'check_passwords', array( $user->user_login, &$pass1, &$pass2 ) );
/* Check for "\" in password */
if ( false !== strpos( wp_unslash( $pass1 ), "\\" ) )
$errors->add( 'pass', __( '<strong>ERROR</strong>: Passwords may not contain the character "\\".' ), array( 'form-field' => 'pass1' ) );
// Check for blank password when adding a user.
if ( ! $update && empty( $pass1 ) ) {
$errors->add( 'pass', __( '<strong>ERROR</strong>: Please enter a password.' ), array( 'form-field' => 'pass1' ) );
}
/* checking the password has been typed twice the same */
if ( $pass1 != $pass2 )
// Check for "\" in password.
if ( false !== strpos( wp_unslash( $pass1 ), "\\" ) ) {
$errors->add( 'pass', __( '<strong>ERROR</strong>: Passwords may not contain the character "\\".' ), array( 'form-field' => 'pass1' ) );
}
// Checking the password has been typed twice the same.
if ( ( $update || ! empty( $pass1 ) ) && $pass1 != $pass2 ) {
$errors->add( 'pass', __( '<strong>ERROR</strong>: Please enter the same password in both password fields.' ), array( 'form-field' => 'pass1' ) );
}
if ( !empty( $pass1 ) )
$user->user_pass = $pass1;

2
wp-includes/version.php
View File

@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
$wp_version = '4.5-beta4-37058';
$wp_version = '4.5-beta4-37059';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.