Context Navigation

← Previous Change
Next Change →

user.php

Timestamp:

01/28/2021 12:31:10 AM (4 years ago)

Author:

whyisjake

Message:

App Passwords: Only attempt auth if the username and password are set.

Previously, only the username was checked which caused a PHP warning in some server setups, for instance Shibboleth SSO, where the server only populates the PHP_AUTH_USER field.

This brings the changes from [49919] to the 5.6 branch.

Props MadtownLems, johnbillion, richard.tape, engahmeds3ed, TimothyBlynJacobs.

Fixes #52003.

Location:

branches/5.6

Files:

: 2 edited

. (modified) (1 prop)
src/wp-includes/user.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

branches/5.6
- Property svn:mergeinfo changed
  /trunk merged: 49919

branches/5.6/src/wp-includes/user.php

r49754	r50045
462	462	}
463	463
464		// ~~Check that we're trying to authenticate~~
465		if ( ! isset( $_SERVER['PHP_AUTH_USER'] ) ) {
	464	// Both $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] must be set in order to attempt authentication.
	465	if ( ! isset( $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'] ) ) {
466	466	return $input_user;
467	467	}

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Make WordPress Core

Context Navigation

Changeset 50045 for branches/5.6/src/wp-includes/user.php

Legend:

branches/5.6

branches/5.6/src/wp-includes/user.php

Download in other formats: