WordPress.org

Make WordPress Core

Opened 3 years ago

Last modified 6 months ago

#39370 new defect (bug)

wp_insert_user() appends suffix to nicename when updating already existing user

Reported by: alfhen Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 4.6.1
Component: Users Keywords:
Focuses: Cc:

Description

wp_insert_user() appends suffix to nicename when updating already existing user, even though the user_nicename prop is set to exactly the same value as it currently has.

Steps to reproduce:

  • Asuming you have a user in your wordpress database with the ID 1 and user_nicename set to 'test-nicename'.
  • If you then make an update using wp_insert_user() of that user and in the update set the user_nicename to 'test-nicename', then wordpress will update the user, but append -2 as a suffix to the nicename.

This happens because of a check located on line 1597 - 1609 in wp-includes/user.php

<?php
$user_nicename_check = $wpdb->get_var( $wpdb->prepare("SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1" , $user_nicename, $user_login));

        if ( $user_nicename_check) {
                $suffix = 2;
                while ($user_nicename_check) {
                        // user_nicename allows 50 chars. Subtract one for a hyphen, plus the length of the suffix.
                        $base_length = 49 - mb_strlen( $suffix );
                        $alt_user_nicename = mb_substr( $user_nicename, 0, $base_length ) . "-$suffix";
                        $user_nicename_check = $wpdb->get_var( $wpdb->prepare("SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1" , $alt_user_nicename, $user_login));
                        $suffix++;
                }
                $user_nicename = $alt_user_nicename;
        }

This code is there to make sure that there are no duplicate nicenames in the wp_users table, which is fine. However it does not take into account updating the nicename of a user with the same value as it currently has.

The way to solve it is very easy, only simply changes the if() statement to check the id fethced in $user_nicename_check against the ID of the user currently being updated, like so:

<?php
$user_nicename_check = $wpdb->get_var( $wpdb->prepare("SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1" , $user_nicename, $user_login));

        if ( $user_nicename_check && $ID != $user_nicename_check) {
                $suffix = 2;
                while ($user_nicename_check) {
                        // user_nicename allows 50 chars. Subtract one for a hyphen, plus the length of the suffix.
                        $base_length = 49 - mb_strlen( $suffix );
                        $alt_user_nicename = mb_substr( $user_nicename, 0, $base_length ) . "-$suffix";
                        $user_nicename_check = $wpdb->get_var( $wpdb->prepare("SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1" , $alt_user_nicename, $user_login));
                        $suffix++;
                }
                $user_nicename = $alt_user_nicename;
        }

This makes prevents the code from appending the suffix when the $user_nicename_check ID matches the ID of the user currently being updated

Attachments (1)

39370.patch (636 bytes) - added by alfhen 3 years ago.
Patch with the mentioned fix

Download all attachments as: .zip

Change History (1)

@alfhen
3 years ago

Patch with the mentioned fix

Note: See TracTickets for help on using tickets.