Changeset 60240

Timestamp:

05/17/2025 01:29:20 PM (8 months ago)

Author:

SergeyBiryukov

Message:

Login and Registration: Check that $_POST value is a string in retrieve_password().

This prevents a fatal error from trim() if an array is passed instead.

Follow-up to [6643], [19056], [41782], [50129], [50140], [59595].

Props leedxw, dilipbheda, mukesh27, SergeyBiryukov.
Fixes #63433.

Location:

trunk

Files:

• src/wp-includes/user.php (modified) (1 diff)
• tests/phpunit/tests/user/retrievePassword.php (modified) (1 diff)

trunk/src/wp-includes/user.php

@@ -3173 +3173 @@
 
     // Use the passed $user_login if available, otherwise use $_POST['user_login'].
-    if ( ! $user_login && ! empty( $_POST['user_login'] ) ) {
+    if ( ! $user_login && ! empty( $_POST['user_login'] ) && is_string( $_POST['user_login'] ) ) {
         $user_login = $_POST['user_login'];
     }

trunk/tests/phpunit/tests/user/retrievePassword.php

@@ -88 +88 @@
         $this->assertWPError( retrieve_password() );
     }
+
+    /**
+     * Tests that a fatal error is not thrown when the login passed via `$_POST`
+     * is an array instead of a string.
+     *
+     * The message that we should not see:
+     * `TypeError: trim(): Argument #1 ($string) must be of type string, array given`.
+     *
+     * @ticket 62794
+     */
+    public function test_retrieve_password_does_not_throw_fatal_error_with_array_parameters() {
+        $_POST['user_login'] = array( 'example' );
+
+        $error = retrieve_password();
+        $this->assertWPError( $error, 'The result should be an instance of WP_Error.' );
+
+        $error_codes = $error->get_error_codes();
+        $this->assertContains( 'empty_username', $error_codes, 'The "empty_username" error code should be present.' );
+    }
 }