Opened 4 years ago
Last modified 5 months ago
#53109 reviewing defect (bug)
wp_insert_user should return a WP_Error when passing a too long first_name parameter
Reported by: | superpuperlesha | Owned by: | audrasjb |
---|---|---|---|
Milestone: | Awaiting Review | Priority: | normal |
Severity: | normal | Version: | |
Component: | Users | Keywords: | has-patch |
Focuses: | Cc: |
Description
When I call the wp_insert_user function to which I pass too long first_name, I do not get an error, but I get a 0-integer. Although the documentation says, either wp_error or integer-ok.
P.S. I create user with this function ..
Change History (5)
#1
@
4 years ago
- Focuses coding-standards removed
- Owner set to audrasjb
- Status changed from new to reviewing
- Summary changed from wp_insert_user return 0 to wp_insert_user should return a WP_Error when passing a too long first_name parameter
- Version 5.7 deleted
#2
@
4 years ago
Hi there, welcome to WordPress Trac! Thanks for the report.
Looks like this was previously mentioned in comment:3:ticket:14290 but never addressed.
A similar issue was resolved in WordPress 4.4 for user_login
and user_nicename
fields: [34218] / #33793, #33820. Looks like we need the same for first_name
and last_name
.
#3
follow-up:
↓ 4
@
4 years ago
I found something interesting: it looks like the limit is at 250 character. Also, I'm not sure it's really related to the first_name
or last_name
metadata.
I believe it's more related to the fact that display_name
is based on first_name
/last_name
metadata.
For the moment, I wasn't able to find where this 250 char limit is set. @SergeyBiryukov do you have any clue?
#4
in reply to:
↑ 3
@
4 years ago
Replying to audrasjb:
I believe it's more related to the fact that
display_name
is based onfirst_name
/last_name
metadata.
Ah, good point.
For the moment, I wasn't able to find where this 250 char limit is set. @SergeyBiryukov do you have any clue?
I think it's in the database schema: display_name varchar(250) NOT NULL default ''
.
This ticket was mentioned in PR #7059 on WordPress/wordpress-develop by @debarghyabanerjee.
5 months ago
#5
- Keywords has-patch added; needs-patch removed
Trac Ticket: Core-53109
## Problem Statement:
- When calling the
wp_insert_user
function with an excessively long first_name, instead of receiving an error as per documentation, the function returns a 0 integer. This behavior contradicts the expected outcomes defined by WordPress standards, where the function should return either aWP_Error
object or a positive integer indicating success.
## Solution:
- Implemented enhancements to ensure adherence to WordPress standards:
- Trim the
display_name
when it exceeds250
characters, considering combinations offirst_name
andlast_name
, or standalonefirst_name
orlast_name
.
- Validate display_name length during user creation/update processes, ensuring errors are returned if the limit is exceeded.
## Technical Details:
- Trimmed display_name logic implemented in
wp_insert_user
function to handle variations infirst_name
andlast_name
combinations.
- Added validation checks to enforce a maximum
display_name
length of250
characters, returning appropriate errors when exceeded.
- Rationale for
first_name
andlast_name
Limit:
- The decision to not enforce limits on
first_name
andlast_name
fields is based on their storage in post_meta, where WordPress traditionally allows for flexible data lengths. This approach maintains backward compatibility and accommodates diverse use cases without imposing unnecessary constraints on user data entry.
## Testing Done:
- Unit tests added to cover scenarios with different combinations of
first_name
andlast_name
, ensuring display_name trimming and length validation functions correctly.
- Integration testing performed to validate backward compatibility and ensure no regressions in user creation/update functionality.
## Impact:
- This change ensures consistency and reliability in user creation operations within WordPress. Developers relying on
wp_insert_user
will receive expected error handling and validation feedback, improving overall usability and robustness of user management features.
Hi, welcome to WordPress Trac @superpuperlesha and thank you for the ticket,
Looking at a glance, wp_insert_user should return WP_Error or create the user without this parameter. Self-assigning the ticket for further investigation.