Ticket #17018: 17018.2.patch

wp-admin/includes/user.php

@@ -44 +44 @@
 
         $pass1 = $pass2 = '';
         if ( isset( $_POST['pass1'] ))
-                $pass1 = $_POST['pass1'];
+                $pass1 = wp_unslash( $_POST['pass1'] );
         if ( isset( $_POST['pass2'] ))
-                $pass2 = $_POST['pass2'];
+                $pass2 = wp_unslash( $_POST['pass2'] );
 
         if ( isset( $_POST['role'] ) && current_user_can( 'edit_users' ) ) {
                 $new_role = sanitize_text_field( $_POST['role'] );
@@ -106 +106 @@
 
         /* checking that username has been typed */
         if ( $user->user_login == '' )
-                $errors->add( 'user_login', __( '<strong>ERROR</strong>: Please enter a username.' ));
+                $errors->add( 'user_login', __( '<strong>ERROR</strong>: Please enter a username.' ) );
 
         /* checking the password has been typed twice */
-        do_action_ref_array( 'check_passwords', array ( $user->user_login, & $pass1, & $pass2 ));
+        do_action_ref_array( 'check_passwords', array( $user->user_login, &$pass1, &$pass2 ) );
 
         if ( $update ) {
                 if ( empty($pass1) && !empty($pass2) )
@@ -150 +150 @@
         }
 
         // Allow plugins to return their own errors.
-        do_action_ref_array('user_profile_update_errors', array ( &$errors, $update, &$user ) );
+        do_action_ref_array( 'user_profile_update_errors', array( &$errors, $update, &$user ) );
 
         if ( $errors->get_error_codes() )
                 return $errors;
@@ -159 +159 @@
                 $user_id = wp_update_user( $user );
         } else {
                 $user_id = wp_insert_user( $user );
-                wp_new_user_notification( $user_id, isset($_POST['send_password']) ? $pass1 : '' );
+                wp_new_user_notification( $user_id, isset( $_POST['send_password'] ) ? $pass1 : '' );
         }
         return $user_id;
 }