Ticket #10758: 10758-wp-includes-pluggable.patch

wp-includes/pluggable.php

@@ -35 +35 @@
  * actions on users who aren't signed in.
  *
  * @since 2.0.3
- * @global object $current_user The current user object which holds the user data.
+ * @global WP_User $current_user User-object of request aka The current user object which holds the user data.
  * @uses do_action() Calls 'set_current_user' hook after setting the current user.
  *
  * @param int $id User ID
@@ -43 +43 @@
  * @return WP_User Current user User object
  */
 function wp_set_current_user($id, $name = '') {
+        /* @var $current_user WP_User */
         global $current_user;
 
         if ( isset($current_user) && ($id == $current_user->ID) )
@@ -63 +64 @@
  * Retrieve the current user object.
  *
  * @since 2.0.3
+ * @global WP_User $current_user User-object of request aka The current user object which holds the user data.
  *
  * @return WP_User Current user WP_User object
  */
 function wp_get_current_user() {
+        /* @var $current_user WP_User */
         global $current_user;
 
         get_currentuserinfo();
@@ -84 +87 @@
  * set the current user to 0, which is invalid and won't have any permissions.
  *
  * @since 0.71
- * @uses $current_user Checks if the current user is set
+ * @global WP_User $current_user User-object of request aka The current user object which holds the user data.
  * @uses wp_validate_auth_cookie() Retrieves current logged in user.
  *
- * @return bool|null False on XMLRPC Request and invalid auth cookie. Null when current user set
+ * @return bool|null False on XMLRPC Request and invalid auth cookie. Null when current user set or it was not empty
  */
 function get_currentuserinfo() {
+        /* @var $current_user WP_User */
         global $current_user;
 
         if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST )
                 return false;
 
         if ( ! empty($current_user) )
-                return;
+                return null;
 
         if ( ! $user = wp_validate_auth_cookie() ) {
                  if ( empty($_COOKIE[LOGGED_IN_COOKIE]) || !$user = wp_validate_auth_cookie($_COOKIE[LOGGED_IN_COOKIE], 'logged_in') ) {
@@ -106 +110 @@
         }
 
         wp_set_current_user($user);
+
+        return null;
 }
 endif;
 
@@ -1223 +1229 @@
  * @return string The one use form token
  */
 function wp_create_nonce($action = -1) {
+        /* @var $user WP_User */
         $user = wp_get_current_user();
-        $uid = (int) $user->id;
 
+        if ( is_object($user) ) 
+                $uid = (int) $user->id;
+        else
+                $uid = 0;
+
         $i = wp_nonce_tick();
 
         return substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10);