Ticket #24973: trim-password-2.diff
| File trim-password-2.diff, 2.1 KB (added by , 12 years ago) |
|---|
-
tests/phpunit/tests/auth.php
44 44 $this->assertEquals( false, wp_validate_auth_cookie( $cookie, 'bar' ) ); 45 45 } 46 46 47 /* 47 /** 48 48 * @ticket 23494 49 49 */ 50 50 function test_password_trimming() { … … 65 65 $this->assertEquals( $another_user, $authed_user->ID ); 66 66 } 67 67 } 68 69 /** 70 * Test wp_hash_password trims whitespace 71 * 72 * This is similar to test_password_trimming but tests the "lower level" 73 * wp_hash_password function 74 * 75 * @group 24973 76 */ 77 function test_wp_hash_password_trimming() { 78 79 $password = ' pass with leading whitespace'; 80 $this->assertTrue( wp_check_password( 'pass with leading whitespace', wp_hash_password( $password ) ) ); 81 82 $password = 'pass with trailing whitespace '; 83 $this->assertTrue( wp_check_password( 'pass with trailing whitespace', wp_hash_password( $password ) ) ); 84 85 $password = ' pass with whitespace '; 86 $this->assertTrue( wp_check_password( 'pass with whitespace', wp_hash_password( $password ) ) ); 87 88 $password = "pass with new line \n"; 89 $this->assertTrue( wp_check_password( 'pass with new line', wp_hash_password( $password ) ) ); 90 91 $password = "pass with vertial tab o_O\x0B"; 92 $this->assertTrue( wp_check_password( 'pass with vertial tab o_O', wp_hash_password( $password ) ) ); 93 } 68 94 } -
src/wp-includes/pluggable.php
1456 1456 $wp_hasher = new PasswordHash(8, true); 1457 1457 } 1458 1458 1459 return $wp_hasher->HashPassword( $password);1459 return $wp_hasher->HashPassword(trim($password)); 1460 1460 } 1461 1461 endif; 1462 1462 … … 1603 1603 function wp_set_password( $password, $user_id ) { 1604 1604 global $wpdb; 1605 1605 1606 $hash = wp_hash_password( trim( $password ));1606 $hash = wp_hash_password( $password ); 1607 1607 $wpdb->update($wpdb->users, array('user_pass' => $hash, 'user_activation_key' => ''), array('ID' => $user_id) ); 1608 1608 1609 1609 wp_cache_delete($user_id, 'users');