WordPress.org

Make WordPress Core

Opened 6 years ago

Last modified 6 months ago

#27606 new defect (bug)

"Add Existing User" form does not preserve input in case of an error

Reported by: SergeyBiryukov Owned by:
Milestone: Awaiting Review Priority: low
Severity: minor Version:
Component: Users Keywords: has-patch needs-refresh
Focuses: administration, multisite Cc:
PR Number:

Description

Background: #27006

In single site, "Add New User" form preserves entered values in case of an error.

In Multisite, "Add New User" form preserves the values, but "Add Existing User" does not.

In network admin, "Add New User" form does not preserve the values.

Attachments (1)

27606.patch (4.6 KB) - added by boonebgorges 5 years ago.

Download all attachments as: .zip

Change History (9)

#1 @helen
6 years ago

We should of course do this on the server side, but when autocomplete is in use, we really should only allow selection of an option and not the submission of freeform typing. See my comment on #19867.

#2 @boonebgorges
5 years ago

  • Keywords has-patch added

27606.patch fixes the issue.

The case of Network Admin > Add New User was straightforward. The case of Multisite > Add New User was a bit different, because a wp_redirect() takes place after the error, which means we lose the values submitted in $_POST. I've opted to add them as URL parameters when redirecting.

when autocomplete is in use, we really should only allow selection of an option and not the submission of freeform typing

Yes, but that's a bigger fish to fry, so I wrote a fix for the current implementation.

@boonebgorges
5 years ago

This ticket was mentioned in Slack in #core by jeremyfelt. View the logs.


5 years ago

#4 @swissspidy
4 years ago

  • Component changed from Networks and Sites to Users
  • Focuses administration added; multisite removed
  • Keywords needs-refresh added

#5 @jeremyfelt
4 years ago

  • Focuses multisite added

#6 @SergeyBiryukov
4 years ago

foreach ( array( 'username', 'email' ) as $post_key ) {
    $$post_key = isset( $_POST['user'][ $post_key ] ) ? stripslashes( $_POST['user'][ $post_key ] ) : '';
} 

Should probably avoid variable variables, see [28736] and other commits.

Note: See TracTickets for help on using tickets.