Changeset 20410


Timestamp:
04/09/2012 10:01:07 PM (6 years ago)
Author:
ryan
Message:

When fetching the user in get_currentuserinfo(), make sure it is a valid WP_User object. If it is stdClass, upgrade it to WP_User. If it is WP_Error, an int, or anything else, set the current user to ID 0.

In wp_set_current_user(), return the current user global only if it is a WP_User object. If it is not, fall through and go about setting it up properly.

Formatting cleanups for both functions.

see #20372

File:
1 edited

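--- a/trunk/wp-includes/pluggable.php
+++ b/trunk/wp-includes/pluggable.php
@@ -28,10 +28,10 @@
     global $current_user;
 
-    if ( isset($current_user) && ($id == $current_user->ID) )
+    if ( isset( $current_user ) && ( $current_user instanceof WP_User ) && ( $id == $current_user->ID ) )
         return $current_user;
 
-    $current_user = new WP_User($id, $name);
-
-    setup_userdata($current_user->ID);
+    $current_user = new WP_User( $id, $name );
+
+    setup_userdata( $current_user->ID );
 
     do_action('set_current_user');
@@ -76,19 +76,34 @@
 
     if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST ) {
-        wp_set_current_user(0);
+        wp_set_current_user( 0 );
         return false;
     }
 
-    if ( ! empty($current_user) )
-        return;
+    if ( ! empty( $current_user ) ) {
+        if ( $current_user instanceof WP_User )
+            return;
+
+        // Upgrade stdClass to WP_User
+        if ( is_object( $current_user ) && isset( $current_user->ID ) ) {
+            $cur_id = $current_user->ID;
+            $current_user = null;
+            wp_set_current_user( $cur_id );
+            return;
+        }
+
+        // $current_user has a junk value. Force to WP_User with ID 0.
+        $current_user = null;
+        wp_set_current_user( 0 );
+        return false;
+    }
 
     if ( ! $user = wp_validate_auth_cookie() ) {
-         if ( is_blog_admin() || is_network_admin() || empty($_COOKIE[LOGGED_IN_COOKIE]) || !$user = wp_validate_auth_cookie($_COOKIE[LOGGED_IN_COOKIE], 'logged_in') ) {
-            wp_set_current_user(0);
+         if ( is_blog_admin() || is_network_admin() || empty( $_COOKIE[LOGGED_IN_COOKIE] ) || !$user = wp_validate_auth_cookie( $_COOKIE[LOGGED_IN_COOKIE], 'logged_in' ) ) {
+            wp_set_current_user( 0 );
             return false;
          }
     }
 
-    wp_set_current_user($user);
+    wp_set_current_user( $user );
 }
 endif;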
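Review bot: The stdClass upgrade branch in get_currentuserinfo() (new lines 87–92) hands `$current_user->ID` to wp_set_current_user() without checking its type, so an object whose `ID` is a string, array or nested object sets the request's identity through whatever the WP_User constructor does with that value, which is not visible in this changeset. Requiring a numeric id lets anything else drop into the fail-closed branch below it: `if ( is_object( $current_user ) && isset( $current_user->ID ) && is_numeric( $current_user->ID ) ) {`. This branch also returns nothing while the junk-value branch returns `false`, so a one-line comment on which return values callers may rely on would help, and the stdClass, WP_Error and int cases named in the commit message deserve unit tests because they decide who the request runs as. Both function bodies start outside the visible hunks.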