Login and Registration: Set correct default values in `wp_signon()`.

The `$credentials['user_login']` and `$credentials['user_password']` parameters are passed by reference to the `wp_authenticate` action, and are at that point [https://www.php.net/manual/en/language.references.pass.php#124383 created as null] if they don't exist in the array. This commit sets those values to an empty string, resolving two PHP 8.1 deprecation notices: * One from `preg_replace()` in `wp_strip_all_tags()` via `sanitize_user()` in `wp_authenticate()`: {{{ Deprecated: preg_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated }}} * One from `trim()` in `wp_authenticate()` itself: {{{ Deprecated: trim(): Passing null to parameter #1 ($string) of type string is deprecated }}} Includes documenting the `$credentials` parameter using hash notation. Follow-up to [6643], [37697]. Props lenasterg, TobiasBg, ocean90, afragen, lkraav, SergeyBiryukov. Fixes #56850. Built from https://develop.svn.wordpress.org/trunk@55301 git-svn-id: http://core.svn.wordpress.org/trunk@54834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-09 01:31:22 +00:00 · 2023-02-09 01:31:22 +00:00 · bc0c01b1ac
parent d1b96a8e04
commit bc0c01b1ac
2 changed files with 14 additions and 3 deletions
--- a/wp-includes/user.php
+++ b/wp-includes/user.php
@ -26,13 +26,24 @@
 *
 * @global string $auth_secure_cookie
 *
- * @param array       $credentials   Optional. User info in order to sign on.
+ * @param array       $credentials {
+ *     Optional. User info in order to sign on.
+ *
+ *     @type string $user_login    Username.
+ *     @type string $user_password User password.
+ *     @type bool   $remember      Whether to 'remember' the user. Increases the time
+ *                                 that the cookie will be kept. Default false.
+ * }
 * @param string|bool $secure_cookie Optional. Whether to use secure cookie.
 * @return WP_User|WP_Error WP_User on success, WP_Error on failure.
 */
 function wp_signon( $credentials = array(), $secure_cookie = '' ) {
 	if ( empty( $credentials ) ) {
-		$credentials = array(); // Back-compat for plugins passing an empty string.
+		$credentials = array(
+			'user_login'    => '',
+			'user_password' => '',
+			'remember'      => false,
+		);

 		if ( ! empty( $_POST['log'] ) ) {
 			$credentials['user_login'] = wp_unslash( $_POST['log'] );
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@ -16,7 +16,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '6.2-beta1-55300';
+$wp_version = '6.2-beta1-55301';

 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.