Make WordPress Core

Opened 8 years ago

Last modified 3 months ago

#30959 new defect (bug)

race condition in wp_insert_user()

Reported by: hanelyp's profile hanelyp Owned by:
Milestone: Priority: normal
Severity: normal Version: 4.1
Component: Users Keywords:
Focuses: Cc:

Description

Possibility exists for a user record insert between check if a user name already exists and actual database insert. A unique index on wp_users.user_login would prevent this, and allow the code to operate without a separate database query to check for an existing user.

Change History (5)

#1 @SergeyBiryukov
8 years ago

  • Component changed from General to Users

#2 @chriscct7
7 years ago

Related (and possible solution): #33376

#3 @iandunn
3 months ago

#54071 was marked as a duplicate.

#4 @iandunn
3 months ago

#54071 was marked as a duplicate.

#5 @iandunn
3 months ago

It sounds like adding a `UNIQUE` constraint may not be possible for Core.

r36654 added an index, which should mitigate race conditions to some degree. Not entirely, though, since there's a newer report in #54071.

Note: See TracTickets for help on using tickets.