Ticket #41057: 41057-src-wp-includes-user.patch
| File 41057-src-wp-includes-user.patch, 24.0 KB (added by , 8 years ago) |
|---|
-
src/wp-includes/user.php
26 26 * @return WP_User|WP_Error WP_User on success, WP_Error on failure. 27 27 */ 28 28 function wp_signon( $credentials = array(), $secure_cookie = '' ) { 29 if ( empty( $credentials) ) {29 if ( empty( $credentials ) ) { 30 30 $credentials = array(); // Back-compat for plugins passing an empty string. 31 31 32 if ( ! empty( $_POST['log']) )32 if ( ! empty( $_POST['log'] ) ) 33 33 $credentials['user_login'] = $_POST['log']; 34 if ( ! empty( $_POST['pwd']) )34 if ( ! empty( $_POST['pwd'] ) ) 35 35 $credentials['user_password'] = $_POST['pwd']; 36 if ( ! empty( $_POST['rememberme']) )36 if ( ! empty( $_POST['rememberme'] ) ) 37 37 $credentials['remember'] = $_POST['rememberme']; 38 38 } 39 39 40 if ( ! empty($credentials['remember']) )40 if ( ! empty( $credentials['remember'] ) ) 41 41 $credentials['remember'] = true; 42 42 else 43 43 $credentials['remember'] = false; … … 77 77 */ 78 78 $secure_cookie = apply_filters( 'secure_signon_cookie', $secure_cookie, $credentials ); 79 79 80 global $auth_secure_cookie; // XXX ugly hack to pass this to wp_authenticate_cookie 80 global $auth_secure_cookie; // XXX ugly hack to pass this to wp_authenticate_cookie. 81 81 $auth_secure_cookie = $secure_cookie; 82 82 83 add_filter( 'authenticate', 'wp_authenticate_cookie', 30, 3);83 add_filter( 'authenticate', 'wp_authenticate_cookie', 30, 3 ); 84 84 85 $user = wp_authenticate( $credentials['user_login'], $credentials['user_password']);85 $user = wp_authenticate( $credentials['user_login'], $credentials['user_password'] ); 86 86 87 87 if ( is_wp_error($user) ) { 88 if ( $user->get_error_codes() == array( 'empty_username', 'empty_password') ) {89 $user = new WP_Error( '', '');88 if ( $user->get_error_codes() == array( 'empty_username', 'empty_password' ) ) { 89 $user = new WP_Error( '', '' ); 90 90 } 91 91 92 92 return $user; 93 93 } 94 94 95 wp_set_auth_cookie( $user->ID, $credentials['remember'], $secure_cookie);95 wp_set_auth_cookie( $user->ID, $credentials['remember'], $secure_cookie ); 96 96 /** 97 97 * Fires after the user has successfully logged in. 98 98 * … … 115 115 * @param string $password Password for authentication. 116 116 * @return WP_User|WP_Error WP_User on success, WP_Error on failure. 117 117 */ 118 function wp_authenticate_username_password( $user, $username, $password) {118 function wp_authenticate_username_password( $user, $username, $password ) { 119 119 if ( $user instanceof WP_User ) { 120 120 return $user; 121 121 } 122 122 123 if ( empty( $username) || empty($password) ) {123 if ( empty( $username ) || empty( $password ) ) { 124 124 if ( is_wp_error( $user ) ) 125 125 return $user; 126 126 127 127 $error = new WP_Error(); 128 128 129 if ( empty( $username) )130 $error->add( 'empty_username', __('<strong>ERROR</strong>: The username field is empty.'));129 if ( empty( $username ) ) 130 $error->add( 'empty_username', __( '<strong>ERROR</strong>: The username field is empty.' ) ); 131 131 132 if ( empty( $password) )133 $error->add( 'empty_password', __('<strong>ERROR</strong>: The password field is empty.'));132 if ( empty( $password ) ) 133 $error->add( 'empty_password', __( '<strong>ERROR</strong>: The password field is empty.' ) ); 134 134 135 135 return $error; 136 136 } 137 137 138 $user = get_user_by( 'login', $username);138 $user = get_user_by( 'login', $username ); 139 139 140 if ( ! $user ) {140 if ( ! $user ) { 141 141 return new WP_Error( 'invalid_username', 142 142 __( '<strong>ERROR</strong>: Invalid username.' ) . 143 143 ' <a href="' . wp_lostpassword_url() . '">' . … … 156 156 * @param string $password Password to check against the user. 157 157 */ 158 158 $user = apply_filters( 'wp_authenticate_user', $user, $password ); 159 if ( is_wp_error( $user) )159 if ( is_wp_error( $user ) ) 160 160 return $user; 161 161 162 162 if ( ! wp_check_password( $password, $user->user_pass, $user->ID ) ) { … … 199 199 $error = new WP_Error(); 200 200 201 201 if ( empty( $email ) ) { 202 $error->add( 'empty_username', __( '<strong>ERROR</strong>: The email field is empty.' ) ); // Uses 'empty_username' for back-compat with wp_signon() 202 $error->add( 'empty_username', __( '<strong>ERROR</strong>: The email field is empty.' ) ); // Uses 'empty_username' for back-compat with wp_signon(). 203 203 } 204 204 205 205 if ( empty( $password ) ) { … … 259 259 * @param string $password Password. If not empty, cancels the cookie authentication. 260 260 * @return WP_User|WP_Error WP_User on success, WP_Error on failure. 261 261 */ 262 function wp_authenticate_cookie( $user, $username, $password) {262 function wp_authenticate_cookie( $user, $username, $password ) { 263 263 if ( $user instanceof WP_User ) { 264 264 return $user; 265 265 } 266 266 267 if ( empty( $username) && empty($password) ) {267 if ( empty( $username ) && empty( $password ) ) { 268 268 $user_id = wp_validate_auth_cookie(); 269 269 if ( $user_id ) 270 270 return new WP_User($user_id); … … 276 276 else 277 277 $auth_cookie = AUTH_COOKIE; 278 278 279 if ( ! empty($_COOKIE[$auth_cookie]) )280 return new WP_Error( 'expired_session', __('Please log in again.'));279 if ( ! empty( $_COOKIE[$auth_cookie] ) ) 280 return new WP_Error( 'expired_session', __( 'Please log in again.' ) ); 281 281 282 282 // If the cookie is not set, be silent. 283 283 } … … 332 332 return $user_id; 333 333 } 334 334 335 if ( is_blog_admin() || is_network_admin() || empty( $_COOKIE[ LOGGED_IN_COOKIE] ) ) {335 if ( is_blog_admin() || is_network_admin() || empty( $_COOKIE[ LOGGED_IN_COOKIE ] ) ) { 336 336 return false; 337 337 } 338 338 339 return wp_validate_auth_cookie( $_COOKIE[ LOGGED_IN_COOKIE], 'logged_in' );339 return wp_validate_auth_cookie( $_COOKIE[ LOGGED_IN_COOKIE ], 'logged_in' ); 340 340 } 341 341 342 342 /** … … 411 411 return $count; 412 412 } 413 413 414 // 415 // User option functions 416 // 414 // User option functions. 417 415 418 416 /** 419 417 * Get the current user's ID … … 451 449 function get_user_option( $option, $user = 0, $deprecated = '' ) { 452 450 global $wpdb; 453 451 454 if ( ! empty( $deprecated ) )452 if ( ! empty( $deprecated ) ) 455 453 _deprecated_argument( __FUNCTION__, '3.0.0' ); 456 454 457 455 if ( empty( $user ) ) … … 506 504 function update_user_option( $user_id, $option_name, $newvalue, $global = false ) { 507 505 global $wpdb; 508 506 509 if ( ! $global )507 if ( ! $global ) 510 508 $option_name = $wpdb->get_blog_prefix() . $option_name; 511 509 512 510 return update_user_meta( $user_id, $option_name, $newvalue ); … … 523 521 * 524 522 * @global wpdb $wpdb WordPress database abstraction object. 525 523 * 526 * @param int $user_id User ID 524 * @param int $user_id User ID. 527 525 * @param string $option_name User option name. 528 526 * @param bool $global Optional. Whether option name is global or blog specific. 529 527 * Default false (blog specific). … … 532 530 function delete_user_option( $user_id, $option_name, $global = false ) { 533 531 global $wpdb; 534 532 535 if ( ! $global )533 if ( ! $global ) 536 534 $option_name = $wpdb->get_blog_prefix() . $option_name; 537 535 return delete_user_meta( $user_id, $option_name ); 538 536 } … … 553 551 $args = wp_parse_args( $args ); 554 552 $args['count_total'] = false; 555 553 556 $user_search = new WP_User_Query( $args);554 $user_search = new WP_User_Query( $args ); 557 555 558 556 return (array) $user_search->get_results(); 559 557 } … … 566 564 * 567 565 * @global wpdb $wpdb WordPress database abstraction object. 568 566 * 569 * @param int $user_id User ID 567 * @param int $user_id User ID. 570 568 * @param bool $all Whether to retrieve all sites, or only sites that are not 571 569 * marked as deleted, archived, or spam. 572 570 * @return array A list of the user's sites. An empty array if the user doesn't exist … … 577 575 578 576 $user_id = (int) $user_id; 579 577 580 // Logged out users can't have sites 578 // Logged out users can't have sites. 581 579 if ( empty( $user_id ) ) 582 580 return array(); 583 581 … … 608 606 $site_id = get_current_blog_id(); 609 607 $sites = array( $site_id => new stdClass ); 610 608 $sites[ $site_id ]->userblog_id = $site_id; 611 $sites[ $site_id ]->blogname = get_option( 'blogname');609 $sites[ $site_id ]->blogname = get_option( 'blogname' ); 612 610 $sites[ $site_id ]->domain = ''; 613 611 $sites[ $site_id ]->path = ''; 614 612 $sites[ $site_id ]->site_id = 1; 615 $sites[ $site_id ]->siteurl = get_option( 'siteurl');613 $sites[ $site_id ]->siteurl = get_option( 'siteurl' ); 616 614 $sites[ $site_id ]->archived = 0; 617 615 $sites[ $site_id ]->spam = 0; 618 616 $sites[ $site_id ]->deleted = 0; … … 704 702 } 705 703 706 704 // Technically not needed, but does save calls to get_site and get_user_meta 707 // in the event that the function is called when a user isn't logged in 705 // in the event that the function is called when a user isn't logged in. 708 706 if ( empty( $user_id ) ) { 709 707 return false; 710 708 } else { … … 733 731 return false; 734 732 } 735 733 736 // no underscore before capabilities in $base_capabilities_key 734 // no underscore before capabilities in $base_capabilities_key. 737 735 $base_capabilities_key = $wpdb->base_prefix . 'capabilities'; 738 736 $site_capabilities_key = $wpdb->base_prefix . $blog_id . '_capabilities'; 739 737 740 if ( isset( $keys[ $base_capabilities_key ] ) && $blog_id == 1) {738 if ( isset( $keys[ $base_capabilities_key ] ) && 1 == $blog_id ) { 741 739 return true; 742 740 } 743 741 … … 762 760 * @param bool $unique Optional, default is false. Whether the same key should not be added. 763 761 * @return int|false Meta ID on success, false on failure. 764 762 */ 765 function add_user_meta( $user_id, $meta_key, $meta_value, $unique = false) {766 return add_metadata( 'user', $user_id, $meta_key, $meta_value, $unique);763 function add_user_meta( $user_id, $meta_key, $meta_value, $unique = false ) { 764 return add_metadata( 'user', $user_id, $meta_key, $meta_value, $unique ); 767 765 } 768 766 769 767 /** … … 776 774 * @since 3.0.0 777 775 * @link https://codex.wordpress.org/Function_Reference/delete_user_meta 778 776 * 779 * @param int $user_id User ID 777 * @param int $user_id User ID. 780 778 * @param string $meta_key Metadata name. 781 779 * @param mixed $meta_value Optional. Metadata value. 782 780 * @return bool True on success, false on failure. 783 781 */ 784 function delete_user_meta( $user_id, $meta_key, $meta_value = '') {785 return delete_metadata( 'user', $user_id, $meta_key, $meta_value);782 function delete_user_meta( $user_id, $meta_key, $meta_value = '' ) { 783 return delete_metadata( 'user', $user_id, $meta_key, $meta_value ); 786 784 } 787 785 788 786 /** … … 796 794 * @param bool $single Whether to return a single value. 797 795 * @return mixed Will be an array if $single is false. Will be value of meta data field if $single is true. 798 796 */ 799 function get_user_meta( $user_id, $key = '', $single = false) {800 return get_metadata( 'user', $user_id, $key, $single);797 function get_user_meta( $user_id, $key = '', $single = false ) { 798 return get_metadata( 'user', $user_id, $key, $single ); 801 799 } 802 800 803 801 /** … … 817 815 * @param mixed $prev_value Optional. Previous value to check before removing. 818 816 * @return int|bool Meta ID if the key didn't exist, true on successful update, false on failure. 819 817 */ 820 function update_user_meta( $user_id, $meta_key, $meta_value, $prev_value = '') {821 return update_metadata( 'user', $user_id, $meta_key, $meta_value, $prev_value);818 function update_user_meta( $user_id, $meta_key, $meta_value, $prev_value = '' ) { 819 return update_metadata( 'user', $user_id, $meta_key, $meta_value, $prev_value ); 822 820 } 823 821 824 822 /** … … 834 832 * 835 833 * @global wpdb $wpdb WordPress database abstraction object. 836 834 * 837 * @param string $strategy 'time' or 'memory' 835 * @param string $strategy 'time' or 'memory'. 838 836 * @return array Includes a grand total and an array of counts indexed by role strings. 839 837 */ 840 function count_users( $strategy = 'time') {838 function count_users( $strategy = 'time' ) { 841 839 global $wpdb; 842 840 843 // Initialize 841 // Initialize. 844 842 $id = get_current_blog_id(); 845 $blog_prefix = $wpdb->get_blog_prefix( $id);843 $blog_prefix = $wpdb->get_blog_prefix( $id ); 846 844 $result = array(); 847 845 848 846 if ( 'time' == $strategy ) { … … 854 852 $select_count[] = $wpdb->prepare( "COUNT(NULLIF(`meta_value` LIKE %s, false))", '%' . $wpdb->esc_like( '"' . $this_role . '"' ) . '%'); 855 853 } 856 854 $select_count[] = "COUNT(NULLIF(`meta_value` = 'a:0:{}', false))"; 857 $select_count = implode( ', ', $select_count);855 $select_count = implode( ', ', $select_count ); 858 856 859 857 // Add the meta_value index to the selection list, then run the query. 860 858 $row = $wpdb->get_row( " … … 894 892 " ); 895 893 896 894 foreach ( $users_of_blog as $caps_meta ) { 897 $b_roles = maybe_unserialize( $caps_meta);895 $b_roles = maybe_unserialize( $caps_meta ); 898 896 if ( ! is_array( $b_roles ) ) 899 897 continue; 900 898 if ( empty( $b_roles ) ) { … … 901 899 $avail_roles['none']++; 902 900 } 903 901 foreach ( $b_roles as $b_role => $val ) { 904 if ( isset( $avail_roles[$b_role]) ) {902 if ( isset( $avail_roles[$b_role] ) ) { 905 903 $avail_roles[$b_role]++; 906 904 } else { 907 905 $avail_roles[$b_role] = 1; … … 911 909 912 910 $result['total_users'] = count( $users_of_blog ); 913 911 $result['avail_roles'] =& $avail_roles; 914 } 912 } // End if(). 915 913 916 914 if ( is_multisite() ) { 917 915 $result['avail_roles']['none'] = 0; … … 949 947 $user = get_userdata( $for_user_id ); 950 948 951 949 if ( ! $user ) { 952 $user_ID = 0;950 $user_ID = 0; 953 951 $user_level = 0; 954 $userdata = null;952 $userdata = null; 955 953 $user_login = $user_email = $user_url = $user_identity = ''; 956 954 return; 957 955 } … … 1124 1122 } 1125 1123 1126 1124 $output .= "</select>"; 1127 } 1125 } // End if(). 1128 1126 1129 1127 /** 1130 1128 * Filters the wp_dropdown_users() HTML output. … … 1157 1155 * 'attribute' and 'js'. 1158 1156 * @return mixed Sanitized value. 1159 1157 */ 1160 function sanitize_user_field( $field, $value, $user_id, $context) {1158 function sanitize_user_field( $field, $value, $user_id, $context ) { 1161 1159 $int_fields = array('ID'); 1162 if ( in_array( $field, $int_fields) )1160 if ( in_array( $field, $int_fields ) ) 1163 1161 $value = (int) $value; 1164 1162 1165 1163 if ( 'raw' == $context ) 1166 1164 return $value; 1167 1165 1168 if ( ! is_string($value) && !is_numeric($value) )1166 if ( ! is_string( $value ) && ! is_numeric( $value ) ) 1169 1167 return $value; 1170 1168 1171 1169 $prefixed = false !== strpos( $field, 'user_' ); … … 1194 1192 if ( 'description' == $field ) 1195 1193 $value = esc_html( $value ); // textarea_escaped? 1196 1194 else 1197 $value = esc_attr( $value);1195 $value = esc_attr( $value ); 1198 1196 } elseif ( 'db' == $context ) { 1199 1197 if ( $prefixed ) { 1200 1198 /** This filter is documented in wp-includes/post.php */ … … 1235 1233 */ 1236 1234 $value = apply_filters( "user_{$field}", $value, $user_id, $context ); 1237 1235 } 1238 } 1236 } // End if(). 1239 1237 1240 1238 if ( 'user_url' == $field ) 1241 1239 $value = esc_url($value); … … 1253 1251 * 1254 1252 * @since 3.0.0 1255 1253 * 1256 * @param object|WP_User $user User object to be cached 1254 * @param object|WP_User $user User object to be cached. 1257 1255 * @return bool|null Returns false on failure. 1258 1256 */ 1259 1257 function update_user_caches( $user ) { … … 1265 1263 $user = $user->data; 1266 1264 } 1267 1265 1268 wp_cache_add( $user->ID, $user, 'users');1269 wp_cache_add( $user->user_login, $user->ID, 'userlogins');1270 wp_cache_add( $user->user_email, $user->ID, 'useremail');1271 wp_cache_add( $user->user_nicename, $user->ID, 'userslugs');1266 wp_cache_add( $user->ID, $user, 'users' ); 1267 wp_cache_add( $user->user_login, $user->ID, 'userlogins' ); 1268 wp_cache_add( $user->user_email, $user->ID, 'useremail' ); 1269 wp_cache_add( $user->user_nicename, $user->ID, 'userslugs' ); 1272 1270 } 1273 1271 1274 1272 /** … … 1277 1275 * @since 3.0.0 1278 1276 * @since 4.4.0 'clean_user_cache' action was added. 1279 1277 * 1280 * @param WP_User|int $user User object or ID to be cleaned from the cache 1278 * @param WP_User|int $user User object or ID to be cleaned from the cache. 1281 1279 */ 1282 1280 function clean_user_cache( $user ) { 1283 1281 if ( is_numeric( $user ) ) … … 1419 1417 1420 1418 // Are we updating or creating? 1421 1419 if ( ! empty( $userdata['ID'] ) ) { 1422 $ID = ( int) $userdata['ID'];1420 $ID = ( int ) $userdata['ID']; 1423 1421 $update = true; 1424 1422 $old_user_data = get_userdata( $ID ); 1425 1423 … … 1427 1425 return new WP_Error( 'invalid_user_id', __( 'Invalid user ID.' ) ); 1428 1426 } 1429 1427 1430 // hashed in wp_update_user(), plaintext if called directly 1428 // hashed in wp_update_user(), plaintext if called directly. 1431 1429 $user_pass = ! empty( $userdata['user_pass'] ) ? $userdata['user_pass'] : $old_user_data->user_pass; 1432 1430 } else { 1433 1431 $update = false; 1434 // Hash the password 1432 // Hash the password. 1435 1433 $user_pass = wp_hash_password( $userdata['user_pass'] ); 1436 1434 } 1437 1435 … … 1448 1446 */ 1449 1447 $pre_user_login = apply_filters( 'pre_user_login', $sanitized_user_login ); 1450 1448 1451 //Remove any non-printable chars from the login string to see if we have ended up with an empty username 1449 //Remove any non-printable chars from the login string to see if we have ended up with an empty username. 1452 1450 $user_login = trim( $pre_user_login ); 1453 1451 1454 1452 // user_login must be between 0 and 60 characters. 1455 1453 if ( empty( $user_login ) ) { 1456 return new WP_Error( 'empty_user_login', __('Cannot create a user with an empty login name.') );1454 return new WP_Error( 'empty_user_login', __( 'Cannot create a user with an empty login name.' ) ); 1457 1455 } elseif ( mb_strlen( $user_login ) > 60 ) { 1458 1456 return new WP_Error( 'user_login_too_long', __( 'Username may not be longer than 60 characters.' ) ); 1459 1457 } … … 1624 1622 1625 1623 if ( $user_nicename_check ) { 1626 1624 $suffix = 2; 1627 while ( $user_nicename_check) {1625 while ( $user_nicename_check ) { 1628 1626 // user_nicename allows 50 chars. Subtract one for a hyphen, plus the length of the suffix. 1629 1627 $base_length = 49 - mb_strlen( $suffix ); 1630 1628 $alt_user_nicename = mb_substr( $user_nicename, 0, $base_length ) . "-$suffix"; … … 1691 1689 if ( isset( $userdata['role'] ) ) { 1692 1690 $user->set_role( $userdata['role'] ); 1693 1691 } elseif ( ! $update ) { 1694 $user->set_role( get_option('default_role'));1692 $user->set_role( get_option( 'default_role' ) ); 1695 1693 } 1696 1694 wp_cache_delete( $user_id, 'users' ); 1697 1695 wp_cache_delete( $user_login, 'userlogins' ); … … 1736 1734 * @param mixed $userdata An array of user data or a user object of type stdClass or WP_User. 1737 1735 * @return int|WP_Error The updated user's ID or a WP_Error object if the user could not be updated. 1738 1736 */ 1739 function wp_update_user( $userdata) {1737 function wp_update_user( $userdata ) { 1740 1738 if ( $userdata instanceof stdClass ) { 1741 1739 $userdata = get_object_vars( $userdata ); 1742 1740 } elseif ( $userdata instanceof WP_User ) { … … 1748 1746 return new WP_Error( 'invalid_user_id', __( 'Invalid user ID.' ) ); 1749 1747 } 1750 1748 1751 // First, get all of the original fields 1749 // First, get all of the original fields. 1752 1750 $user_obj = get_userdata( $ID ); 1753 1751 if ( ! $user_obj ) { 1754 1752 return new WP_Error( 'invalid_user_id', __( 'Invalid user ID.' ) ); … … 1756 1754 1757 1755 $user = $user_obj->to_array(); 1758 1756 1759 // Add additional custom fields 1757 // Add additional custom fields. 1760 1758 foreach ( _get_additional_user_keys( $user_obj ) as $key ) { 1761 1759 $user[ $key ] = get_user_meta( $ID, $key, true ); 1762 1760 } … … 1765 1763 $user = add_magic_quotes( $user ); 1766 1764 1767 1765 if ( ! empty( $userdata['user_pass'] ) && $userdata['user_pass'] !== $user_obj->user_pass ) { 1768 // If password is changing, hash it now 1766 // If password is changing, hash it now. 1769 1767 $plaintext_pass = $userdata['user_pass']; 1770 1768 $userdata['user_pass'] = wp_hash_password( $userdata['user_pass'] ); 1771 1769 … … 1870 1868 $pass_change_email['message'] = str_replace( '###SITEURL###', home_url(), $pass_change_email['message'] ); 1871 1869 1872 1870 wp_mail( $pass_change_email['to'], sprintf( $pass_change_email['subject'], $blog_name ), $pass_change_email['message'], $pass_change_email['headers'] ); 1873 } 1871 } // End if(). 1874 1872 1875 1873 if ( ! empty( $send_email_change_email ) ) { 1876 1874 /* translators: Do not translate USERNAME, ADMIN_EMAIL, EMAIL, SITENAME, SITEURL: those are placeholders. */ … … 1925 1923 $email_change_email['message'] = str_replace( '###SITEURL###', home_url(), $email_change_email['message'] ); 1926 1924 1927 1925 wp_mail( $email_change_email['to'], sprintf( $email_change_email['subject'], $blog_name ), $email_change_email['message'], $email_change_email['headers'] ); 1928 } 1926 } // End if(). 1929 1927 1930 1928 if ( $switched_locale ) { 1931 1929 restore_previous_locale(); 1932 1930 } 1933 } 1931 } // End if(). 1934 1932 1935 1933 // Update the cookies if the password changed. 1936 1934 $current_user = wp_get_current_user(); 1937 1935 if ( $current_user->ID == $ID ) { 1938 if ( isset( $plaintext_pass) ) {1936 if ( isset( $plaintext_pass ) ) { 1939 1937 wp_clear_auth_cookie(); 1940 1938 1941 1939 // Here we calculate the expiration length of the current auth cookie and compare it to the default expiration. … … 1967 1965 * @return int|WP_Error The newly created user's ID or a WP_Error object if the user could not 1968 1966 * be created. 1969 1967 */ 1970 function wp_create_user( $username, $password, $email = '') {1968 function wp_create_user( $username, $password, $email = '' ) { 1971 1969 $user_login = wp_slash( $username ); 1972 $user_email = wp_slash( $email 1970 $user_email = wp_slash( $email ); 1973 1971 $user_pass = $password; 1974 1972 1975 $userdata = compact( 'user_login', 'user_email', 'user_pass');1976 return wp_insert_user( $userdata);1973 $userdata = compact( 'user_login', 'user_email', 'user_pass' ); 1974 return wp_insert_user( $userdata ); 1977 1975 } 1978 1976 1979 1977 /** … … 2009 2007 $methods = array( 2010 2008 'aim' => __( 'AIM' ), 2011 2009 'yim' => __( 'Yahoo IM' ), 2012 'jabber' => __( 'Jabber / Google Talk' ) 2010 'jabber' => __( 'Jabber / Google Talk' ), 2013 2011 ); 2014 2012 } 2015 2013 … … 2019 2017 * @since 2.9.0 2020 2018 * 2021 2019 * @param array $methods Array of contact methods and their labels. 2020 * 2022 2021 * @param WP_User $user WP_User object. 2023 2022 */ 2024 2023 return apply_filters( 'user_contactmethods', $methods, $user ); … … 2160 2159 * @param string $login The user login. 2161 2160 * @return WP_User|WP_Error WP_User object on success, WP_Error object for invalid or expired keys. 2162 2161 */ 2163 function check_password_reset_key( $key, $login) {2162 function check_password_reset_key( $key, $login ) { 2164 2163 global $wpdb, $wp_hasher; 2165 2164 2166 2165 $key = preg_replace('/[^a-z0-9]/i', '', $key); 2167 2166 2168 if ( empty( $key ) || ! is_string( $key ) )2167 if ( empty( $key ) || ! is_string( $key ) ) 2169 2168 return new WP_Error('invalid_key', __('Invalid key')); 2170 2169 2171 if ( empty($login) || ! is_string($login) )2170 if ( empty($login) || ! is_string($login) ) 2172 2171 return new WP_Error('invalid_key', __('Invalid key')); 2173 2172 2174 2173 $row = $wpdb->get_row( $wpdb->prepare( "SELECT ID, user_activation_key FROM $wpdb->users WHERE user_login = %s", $login ) ); … … 2206 2205 if ( $hash_is_correct && $expiration_time && time() < $expiration_time ) { 2207 2206 return get_userdata( $row->ID ); 2208 2207 } elseif ( $hash_is_correct && $expiration_time ) { 2209 // Key has an expiration time that's passed 2208 // Key has an expiration time that's passed. 2210 2209 return new WP_Error( 'expired_key', __( 'Invalid key' ) ); 2211 2210 } 2212 2211 … … 2236 2235 * 2237 2236 * @since 2.5.0 2238 2237 * 2239 * @param object $user The user 2240 * @param string $new_pass New password for the user in plaintext 2238 * @param object $user The user. 2239 * @param string $new_pass New password for the user in plaintext. 2241 2240 */ 2242 2241 function reset_password( $user, $new_pass ) { 2243 2242 /** … … 2269 2268 * 2270 2269 * @since 2.5.0 2271 2270 * 2272 * @param string $user_login User's username for logging in 2273 * @param string $user_email User's email address to send password and add 2271 * @param string $user_login User's username for logging in. 2272 * @param string $user_email User's email address to send password and add. 2274 2273 * @return int|WP_Error Either user's ID or error on failure. 2275 2274 */ 2276 2275 function register_new_user( $user_login, $user_email ) { … … 2286 2285 */ 2287 2286 $user_email = apply_filters( 'user_registration_email', $user_email ); 2288 2287 2289 // Check the username 2290 if ( $sanitized_user_login == '') {2288 // Check the username. 2289 if ( '' == $sanitized_user_login ) { 2291 2290 $errors->add( 'empty_username', __( '<strong>ERROR</strong>: Please enter a username.' ) ); 2292 2291 } elseif ( ! validate_username( $user_login ) ) { 2293 2292 $errors->add( 'invalid_username', __( '<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.' ) ); … … 2303 2302 } 2304 2303 } 2305 2304 2306 // Check the email address 2307 if ( $user_email == '') {2305 // Check the email address. 2306 if ( '' == $user_email ) { 2308 2307 $errors->add( 'empty_email', __( '<strong>ERROR</strong>: Please type your email address.' ) ); 2309 2308 } elseif ( ! is_email( $user_email ) ) { 2310 2309 $errors->add( 'invalid_email', __( '<strong>ERROR</strong>: The email address isn’t correct.' ) ); … … 2501 2500 return $current_user; 2502 2501 } 2503 2502 2504 // Upgrade stdClass to WP_User 2503 // Upgrade stdClass to WP_User. 2505 2504 if ( is_object( $current_user ) && isset( $current_user->ID ) ) { 2506 2505 $cur_id = $current_user->ID; 2507 2506 $current_user = null;