From bc0c01b1ac747606882dad4a899a84f288ef6bde Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Thu, 9 Feb 2023 01:31:22 +0000 Subject: [PATCH] Login and Registration: Set correct default values in `wp_signon()`. The `$credentials['user_login']` and `$credentials['user_password']` parameters are passed by reference to the `wp_authenticate` action, and are at that point [https://www.php.net/manual/en/language.references.pass.php#124383 created as null] if they don't exist in the array. This commit sets those values to an empty string, resolving two PHP 8.1 deprecation notices: * One from `preg_replace()` in `wp_strip_all_tags()` via `sanitize_user()` in `wp_authenticate()`: {{{ Deprecated: preg_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated }}} * One from `trim()` in `wp_authenticate()` itself: {{{ Deprecated: trim(): Passing null to parameter #1 ($string) of type string is deprecated }}} Includes documenting the `$credentials` parameter using hash notation. Follow-up to [6643], [37697]. Props lenasterg, TobiasBg, ocean90, afragen, lkraav, SergeyBiryukov. Fixes #56850. Built from https://develop.svn.wordpress.org/trunk@55301 git-svn-id: http://core.svn.wordpress.org/trunk@54834 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/user.php | 15 +++++++++++++-- wp-includes/version.php | 2 +- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/wp-includes/user.php b/wp-includes/user.php index 7fc0dfb584..867df81e16 100644 --- a/wp-includes/user.php +++ b/wp-includes/user.php @@ -26,13 +26,24 @@ * * @global string $auth_secure_cookie * - * @param array $credentials Optional. User info in order to sign on. + * @param array $credentials { + * Optional. User info in order to sign on. + * + * @type string $user_login Username. + * @type string $user_password User password. + * @type bool $remember Whether to 'remember' the user. Increases the time + * that the cookie will be kept. Default false. + * } * @param string|bool $secure_cookie Optional. Whether to use secure cookie. * @return WP_User|WP_Error WP_User on success, WP_Error on failure. */ function wp_signon( $credentials = array(), $secure_cookie = '' ) { if ( empty( $credentials ) ) { - $credentials = array(); // Back-compat for plugins passing an empty string. + $credentials = array( + 'user_login' => '', + 'user_password' => '', + 'remember' => false, + ); if ( ! empty( $_POST['log'] ) ) { $credentials['user_login'] = wp_unslash( $_POST['log'] ); diff --git a/wp-includes/version.php b/wp-includes/version.php index d80aa669d7..14aa06f560 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -16,7 +16,7 @@ * * @global string $wp_version */ -$wp_version = '6.2-beta1-55300'; +$wp_version = '6.2-beta1-55301'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.