Passwords: Deprecate second parameter of wp_new_user_notification().

The second parameter `$plaintext_pass` was removed in [33023] and restored as `$notify` in [33620] with a different behavior. If you have a plugin overriding `wp_new_user_notification()` which hasn't been updated you would get a notification with your username and the password "both".
To prevent this the second parameter is now deprecated and reintroduced as the third parameter.

Adds unit tests.

Merge of [34116] to the 4.3 branch.

Props kraftbj, adamsilverstein, welcher, ocean90.
See #33654.
Built from https://develop.svn.wordpress.org/branches/4.3@34118


git-svn-id: http://core.svn.wordpress.org/branches/4.3@34086 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Dominik Schilling 2015-09-14 13:03:24 +00:00
parent bf8ffcc14e
commit cca265971e
6 changed files with 16 additions and 9 deletions

View File

@ -176,7 +176,7 @@ function edit_user( $user_id = 0 ) {
$user_id = wp_update_user( $user ); $user_id = wp_update_user( $user );
} else { } else {
$user_id = wp_insert_user( $user ); $user_id = wp_insert_user( $user );
wp_new_user_notification( $user_id, 'both' ); wp_new_user_notification( $user_id, null, 'both' );
} }
return $user_id; return $user_id;
} }

View File

@ -79,7 +79,7 @@ if ( isset($_REQUEST['action']) && 'add-site' == $_REQUEST['action'] ) {
if ( false === $user_id ) if ( false === $user_id )
wp_die( __( 'There was an error creating the user.' ) ); wp_die( __( 'There was an error creating the user.' ) );
else else
wp_new_user_notification( $user_id, 'both' ); wp_new_user_notification( $user_id, null, 'both' );
} }
$wpdb->hide_errors(); $wpdb->hide_errors();

View File

@ -77,7 +77,7 @@ if ( $action ) {
if ( false === $user_id ) { if ( false === $user_id ) {
$update = 'err_new_dup'; $update = 'err_new_dup';
} else { } else {
wp_new_user_notification( $user_id, 'both' ); wp_new_user_notification( $user_id, null, 'both' );
add_user_to_blog( $id, $user_id, $_POST['new_role'] ); add_user_to_blog( $id, $user_id, $_POST['new_role'] );
$update = 'newuser'; $update = 'newuser';
} }

View File

@ -51,7 +51,7 @@ if ( isset($_REQUEST['action']) && 'add-user' == $_REQUEST['action'] ) {
if ( ! $user_id ) { if ( ! $user_id ) {
$add_user_errors = new WP_Error( 'add_user_fail', __( 'Cannot add user.' ) ); $add_user_errors = new WP_Error( 'add_user_fail', __( 'Cannot add user.' ) );
} else { } else {
wp_new_user_notification( $user_id, 'both' ); wp_new_user_notification( $user_id, null, 'both' );
wp_redirect( add_query_arg( array('update' => 'added'), 'user-new.php' ) ); wp_redirect( add_query_arg( array('update' => 'added'), 'user-new.php' ) );
exit; exit;
} }

View File

@ -1689,15 +1689,22 @@ if ( !function_exists('wp_new_user_notification') ) :
* *
* @since 2.0.0 * @since 2.0.0
* @since 4.3.0 The `$plaintext_pass` parameter was changed to `$notify`. * @since 4.3.0 The `$plaintext_pass` parameter was changed to `$notify`.
* @since 4.3.1 The `$plaintext_pass` parameter was deprecated. `$notify` added as a third parameter.
* *
* @global wpdb $wpdb WordPress database object for queries. * @global wpdb $wpdb WordPress database object for queries.
* @global PasswordHash $wp_hasher Portable PHP password hashing framework instance. * @global PasswordHash $wp_hasher Portable PHP password hashing framework instance.
* *
* @param int $user_id User ID. * @param int $user_id User ID.
* @param string $notify Whether admin and user should be notified ('both') or * @param null $deprecated Not used (argument deprecated).
* only the admin ('admin' or empty). * @param string $notify Optional. Type of notification that should happen. Accepts 'admin' or an empty
* string (admin only), or 'both' (admin and user). The empty string value was kept
* for backward-compatibility purposes with the renamed parameter. Default empty.
*/ */
function wp_new_user_notification( $user_id, $notify = '' ) { function wp_new_user_notification( $user_id, $deprecated = null, $notify = '' ) {
if ( $deprecated !== null ) {
_deprecated_argument( __FUNCTION__, '4.3.1' );
}
global $wpdb, $wp_hasher; global $wpdb, $wp_hasher;
$user = get_userdata( $user_id ); $user = get_userdata( $user_id );

View File

@ -2619,7 +2619,7 @@ function register_new_user( $user_login, $user_email ) {
update_user_option( $user_id, 'default_password_nag', true, true ); //Set up the Password change nag. update_user_option( $user_id, 'default_password_nag', true, true ); //Set up the Password change nag.
wp_new_user_notification( $user_id, 'both' ); wp_new_user_notification( $user_id, null, 'both' );
return $user_id; return $user_id;
} }