Ticket #43635: patch

public/wp-includes/class-wp-user-query.php

@@ -580 +580 @@
          * Execute the query, with the current variables.
          *
          * @since 3.1.0
-         *
-         * @global wpdb $wpdb WordPress database abstraction object.
          */
         public function query() {
+        if (!has_action('user_query')) {
+            $this->_query();
+            return;
+        }
+
+        do_action( 'user_query', $this );
+    }
+
+    /**
+     * Execute the query, varswith the current variables.
+     *
+     * @since 3.1.0
+     *
+     * @global wpdb $wpdb WordPress database abstraction object.
+     */
+    protected function _query() {
                 global $wpdb;
 
                 $qv =& $this->query_vars;

public/wp-includes/class-wp-user.php

@@ -121 +121 @@
          * @param int $site_id Optional Site ID, defaults to current site.
          */
         public function __construct( $id = 0, $name = '', $site_id = '' ) {
-                if ( ! isset( self::$back_compat_keys ) ) {
-                        $prefix = $GLOBALS['wpdb']->prefix;
-                        self::$back_compat_keys = array(
-                                'user_firstname' => 'first_name',
-                                'user_lastname' => 'last_name',
-                                'user_description' => 'description',
-                                'user_level' => $prefix . 'user_level',
-                                $prefix . 'usersettings' => $prefix . 'user-settings',
-                                $prefix . 'usersettingstime' => $prefix . 'user-settings-time',
-                        );
-                }
+                $this->initialize_back_compat_keys();
 
                 if ( $id instanceof WP_User ) {
                         $this->init( $id->data, $site_id );
@@ -822 +812 @@
                 return $this->site_id;
         }
 
+        protected function initialize_back_compat_keys() {
+                if ( isset( self::$back_compat_keys ) ) {
+                        return;
+                }
+
+                $prefix                 = $GLOBALS['wpdb']->prefix;
+                self::$back_compat_keys = array(
+                        'user_firstname'             => 'first_name',
+                        'user_lastname'              => 'last_name',
+                        'user_description'           => 'description',
+                        'user_level'                 => $prefix . 'user_level',
+                        $prefix . 'usersettings'     => $prefix . 'user-settings',
+                        $prefix . 'usersettingstime' => $prefix . 'user-settings-time',
+                );
+        }
+
         /**
          * Gets the available user capabilities data.
          *
@@ -829 +835 @@
          *
          * @return array User capabilities array.
          */
-        private function get_caps_data() {
+        protected function get_caps_data() {
                 $caps = get_user_meta( $this->ID, $this->cap_key, true );
 
                 if ( ! is_array( $caps ) ) {

public/wp-includes/user.php

@@ -1691 +1691 @@
          */
         $data = apply_filters( 'wp_pre_insert_user_data', $data, $update, $update ? (int) $ID : null );
 
-        if ( $update ) {
-                if ( $user_email !== $old_user_data->user_email ) {
-                        $data['user_activation_key'] = '';
-                }
-                $wpdb->update( $wpdb->users, $data, compact( 'ID' ) );
-                $user_id = (int) $ID;
+        if ( $data instanceof WP_User ) {
+                $user = $data;
+                $user_id = $user->ID;
         } else {
-                $wpdb->insert( $wpdb->users, $data );
-                $user_id = (int) $wpdb->insert_id;
-        }
+                if ( $update ) {
+                        if ( $user_email !== $old_user_data->user_email ) {
+                                $data['user_activation_key'] = '';
+                        }
+                        $wpdb->update( $wpdb->users, $data, compact( 'ID' ) );
+                        $user_id = (int) $ID;
+                } else {
+                        $wpdb->insert( $wpdb->users, $data );
+                        $user_id = (int) $wpdb->insert_id;
+                }
 
-        $user = new WP_User( $user_id );
+                $user = new WP_User( $user_id );
+        }
 
         /**
          * Filters a user's meta values and keys immediately after the user is created or updated
@@ -2122 +2127 @@
  *
  * @since 4.4.0
  *
- * @global wpdb         $wpdb      WordPress database abstraction object.
  * @global PasswordHash $wp_hasher Portable PHP password hashing framework.
  *
  * @param WP_User $user User to retrieve password reset key for.
@@ -2219 +2223 @@
  * @return WP_User|WP_Error WP_User object on success, WP_Error object for invalid or expired keys.
  */
 function check_password_reset_key($key, $login) {
-        global $wpdb, $wp_hasher;
+        global $wp_hasher;
 
         $key = preg_replace('/[^a-z0-9]/i', '', $key);
 
@@ -2229 +2233 @@
         if ( empty($login) || !is_string($login) )
                 return new WP_Error('invalid_key', __('Invalid key'));
 
-        $row = $wpdb->get_row( $wpdb->prepare( "SELECT ID, user_activation_key FROM $wpdb->users WHERE user_login = %s", $login ) );
-        if ( ! $row )
+        $row = get_user_by('login', $login);
+        if ( ! $row instanceof WP_User )
                 return new WP_Error('invalid_key', __('Invalid key'));
 
         if ( empty( $wp_hasher ) ) {