Changes between Initial Version and Version 1 of Ticket #28435
- Timestamp:
- 06/03/2014 04:58:44 AM (9 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #28435
-
Property
Summary
changed from
wp_insert_user/wp_update_user break when passed WP_User instancetowp_update_user breaks when passed WP_User instance
-
Property
Summary
changed from
-
Ticket #28435 – Description
initial v1 1 1 Supposedly fixed in #21429. (Tangential to #28019) 2 2 3 If you pass a `WP_User` instance to `wp_update_user` or `wp_insert_user`, it first calls `WP_User::to_array`, which returns the user data from the DB. This is then treated as the input data.3 If you pass a `WP_User` instance to `wp_update_user`, it first calls `WP_User::to_array`, which returns the user data from the DB. This is then treated as the input data. 4 4 5 5 The problem then is that `$userdata['user_pass']` is '''always''' set, as it's always included in `$userdata`. This then gets double-hashed by `wp_update_user`. (`wp_update_user` will then update the cookies, so the user won't notice until they're logged out) … … 29 29 30 30 This operation should have been a no-op, but isn't. 31 32 (Ticket previously stated this happens with `wp_insert_user`; this is incorrect, as `wp_insert_user` doesn't hash the password for updates.)