WordPress.org

Make WordPress Core

Opened 3 years ago

Last modified 19 months ago

#16484 new defect (bug)

Attempting to add user with username "0" gives fatal error

Reported by: markjaquith Owned by:
Milestone: Future Release Priority: lowest
Severity: minor Version: 3.1
Component: Users Keywords: has-patch needs-testing
Focuses: Cc:

Description

Create a new user. Use the number 0 as the username. Receive this error:

Catchable fatal error: Object of class WP_Error could not be converted to string in /Users/mark/Sites/wp/wp-includes/formatting.php on line 2818

Attachments (2)

16484.patch (1.4 KB) - added by SergeyBiryukov 3 years ago.
16484.2.diff (3.4 KB) - added by MikeHansenMe 19 months ago.
this patch allows you to log in as 0

Download all attachments as: .zip

Change History (8)

comment:1 Denis-de-Bernardy3 years ago

Who would ever want to been nicknamed zero? :-)

Joke aside, this is related to our use of empty() instead of isset() all over the place. (Best I'm aware, empty('0') returns true.) Similar issues likely apply for posts, terms, options, etc. Suggesting that we close this as maybelater, considering the amount of potential changes...

comment:2 nacin3 years ago

empty('0') returns true, yes. But I don't think we overuse empty() as often you might think.

In this case, it's the deluge of empty() checks in wp_insert_user. Really, these should be !isset() || !strlen(). Clunky, but they'd handle this instance.

Last edited 3 years ago by nacin (previous) (diff)

SergeyBiryukov3 years ago

comment:3 SergeyBiryukov3 years ago

  • Keywords has-patch added

It seems that it's only a single line which prevents user creation in this case.

However if that user is a Contributor or above, I get a notice in wp_dropdown_users():

Notice: Undefined property: stdClass::$user_login in ...wp-includes/user.php on line 1019

Which is also addressed in the patch. But there might be other issues wich such username as well.

comment:4 MikeHansenMe19 months ago

  • Keywords needs-patch added; has-patch removed

The patch does allow you to create the user however once the user is created you cannot log in as that user. You receive the error "ERROR: The username field is empty." there may still be more problems after this.

MikeHansenMe19 months ago

this patch allows you to log in as 0

comment:5 MikeHansenMe19 months ago

  • Keywords has-patch needs-testing added; needs-patch removed

you can log in as user 0 now but it still may cause problems elsewhere so I would recommend a lot of testing.

comment:6 MikeHansenMe19 months ago

  • Cc mdhansen@… added
Note: See TracTickets for help on using tickets.