Opened 5 years ago
Last modified 23 months ago
#34889 new defect (bug)
wp_check_password() and issue with trailing space
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Priority: | normal | |
| Severity: | normal | Version: | 4.1.1 |
| Component: | Login and Registration | Keywords: | has-patch needs-testing needs-unit-tests dev-feedback 2nd-opinion |
| Focuses: | administration | Cc: |
Description
I have users logging in via wp-login.php and then filling out a custom form with the last field entered being their WordPress password.
One specific user can login fine to wp-login.php but when she enters information on the form and her WordPress password, validation fails on wp_check_password().
I realized that her password contains a space at the end.
By creating a brand new user and ensuring it contains a space the bug is evident with the test script I've uploaded.
The version of the production site at the moment is 4.1.1 of where I first saw the bug, but I can reproduce this issue on a brand new WordPress install of 4.3.1 and from the github version currently at 4.5-alpha-35794.
Looks like it's related to but different than ticket
I've added trim for $password in wp_check_password.