Opened 13 years ago
Closed 13 years ago
#20372 closed enhancement (fixed)
WP_User::exists()
Reported by: | markjaquith | Owned by: | |
---|---|---|---|
Milestone: | 3.4 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Users | Keywords: | has-patch commit |
Focuses: | Cc: |
Description
Would be good to have a canonical way of testing that a WP_User object refers to a real user.
Attachments (6)
Change History (21)
#1
@
13 years ago
- Component changed from General to Users
- Keywords has-patch commit added
- Milestone changed from Awaiting Review to 3.4
#3
follow-up:
↓ 4
@
13 years ago
Not sure what's going on, but seeing this on WP.org:
Call to a member function exists() on a non-object File: wp-includes/capabilities.php Line: 1371 Source: http://cn.wordpress.org/xmlrpc.php
#4
in reply to:
↑ 3
@
13 years ago
Replying to nacin:
Not sure what's going on, but seeing this on WP.org:
Call to a member function exists() on a non-object File: wp-includes/capabilities.php Line: 1371 Source: http://cn.wordpress.org/xmlrpc.php
This happens on Multisite installations. ms_site_check() is called in wp-settings.php and it tries to use is_super_admin() which gets NULL
from wp_get_current_user() since this is an XML-RPC request.
#5
@
13 years ago
Fatal error: Call to a member function exists() on a non-object in /home/www/wordpress.lo/trunk/wp-includes/capabilities.php on line 1371 Call Stack: 0.0004 140172 1. {main}() /home/www/wordpress.lo/trunk/xmlrpc.php:0 0.0008 148492 2. include('/home/www/wordpress.lo/trunk/wp-load.php') /home/www/wordpress.lo/trunk/xmlrpc.php:29 0.0012 155948 3. require_once('/home/www/wordpress.lo/trunk/wp-config.php') /home/www/wordpress.lo/trunk/wp-load.php:29 0.0024 199076 4. require_once('/home/www/wordpress.lo/trunk/wp-settings.php') /home/www/wordpress.lo/trunk/wp-config.php:101 0.3641 8247928 5. ms_site_check() /home/www/wordpress.lo/trunk/wp-settings.php:308 0.3641 8248084 6. is_super_admin() /home/www/wordpress.lo/trunk/wp-includes/ms-load.php:80
#6
follow-up:
↓ 8
@
13 years ago
I looked at [3430] and wp_xmlrpc_server::login(). I feel like get_currentuserinfo() should call wp_set_current_user(0) in the XMLRPC_REQUEST branch. That would mean that wp_get_current_user() would always return a WP_User object, which it does in literally every other situation.
If wp_get_current_user() returns a non-existent user before login() runs in XML-RPC, I think that's just fine. $current_user should never be null after calling get_currentuserinfo().
I am going to commit this to avoid seeing the fatal error in trunk, but open for discussion for what the best fix would be.
#8
in reply to:
↑ 6
@
13 years ago
Replying to nacin:
I looked at [3430] and wp_xmlrpc_server::login(). I feel like get_currentuserinfo() should call wp_set_current_user(0) in the XMLRPC_REQUEST branch. That would mean that wp_get_current_user() would always return a WP_User object, which it does in literally every other situation.
If wp_get_current_user() returns a non-existent user before login() runs in XML-RPC, I think that's just fine. $current_user should never be null after calling get_currentuserinfo().
I was thinking along similar lines. Maybe even explicit wp_set_current_user(0) in WP::init() so we can be sure that the $current_user global is always a WP_User object.
Looking at the code it would require that get_currentuserinto() switches to using the exists() method too.
#9
@
13 years ago
Simple unit tests for exists():
http://unit-tests.trac.wordpress.org/changeset/654
Also tested pretty well by http://unit-tests.trac.wordpress.org/changeset/619
#10
@
13 years ago
20372.4.diff looks good. Should prevent a lot of issues. I like it, a lot.
#13
in reply to:
↑ 7
@
13 years ago
Replying to nacin:
In [20402]:
As reported by koke in IRC this breaks caps checks during XML-RPC requests. This is because the call to wp_get_current_user() in current_user_can() makes get_currentuserinfo() override the user set by wp_xmlrpc_server::login().
A solution would be to move the XMLRPC_REQUEST block to come after the check for a non-empty $current_user global, see attached patch.
WP_Theme has the same method.