Opened 2 years ago
Last modified 13 months ago
#56028 reviewing defect (bug)
Pass the user object instead of recall get user function
Reported by: | pbearne | Owned by: | |
---|---|---|---|
Milestone: | Awaiting Review | Priority: | normal |
Severity: | normal | Version: | |
Component: | Users | Keywords: | has-patch has-unit-tests 2nd-opinion |
Focuses: | Cc: |
Description (last modified by )
IN wp_ajax_send_password_reset we have
<?php $user = get_userdata( $user_id ); $results = retrieve_password( $user->user_email );
then in retrieve_password we have
<?php if ( empty( $user_login ) ) { $errors->add( 'empty_username', __( '<strong>Error:</strong> Please enter a username or email address.' ) ); } elseif ( strpos( $user_login, '@' ) ) { $user_data = get_user_by( 'email', trim( wp_unslash( $user_login ) ) ); if ( empty( $user_data ) ) { $errors->add( 'invalid_email', __( '<strong>Error:</strong> There is no account with that username or email address.' ) ); } } else { $user_data = get_user_by( 'login', trim( wp_unslash( $user_login ) ) ); }
This patch allows us to pass a user object and bypass the second call to find the user
Change History (10)
This ticket was mentioned in PR #2838 on WordPress/wordpress-develop by pbearne.
2 years ago
#1
- Keywords has-patch has-unit-tests added
#4
follow-up:
↓ 6
@
2 years ago
What the benefit of passing the WP_User here? The WP_User is in cache here, so getting it out of cache isn't that bad for performance. What problem are we trying to solve here.
#6
in reply to:
↑ 4
@
2 years ago
Replying to spacedmonkey:
What the benefit of passing the WP_User here? The WP_User is in cache here, so getting it out of cache isn't that bad for performance. What problem are we trying to solve here.
It is a tidy-up and gives us another way to call the function
It came out of fixing https://core.trac.wordpress.org/ticket/53634 where the fix was to change what I passed to this function Been able to pass the use it solve having to pre-select what field to use to find the user.
This ticket was mentioned in Slack in #core by pbearne. View the logs.
2 years ago
#8
@
2 years ago
- Owner changed from pbearne to davidbaumwald
- Status changed from assigned to reviewing
#9
@
2 years ago
- Keywords 2nd-opinion added
Thinking about this a bit more, I am a little concerned about changing the signature here based on its age and the fact that this shares commonality/consistency with the retrieve_password
filter that's used elsewhere.
A directory search for retrieve_password
shows some false positives(custom functions, etc.) and some point to the usage of the filter, not the function.
The spirit of this function is heavily influenced by the user's login, either passed directly or referenced in the current $_REQUEST vars.
Also, I agree with @spacedmonkey about the caching being used here, so I think the hit might be negligible.
I think it's possible to update the function to allow for WP_User
object to be passed and grab the user_login
prop if it was indeed passed.
Marking this for 2nd-opinion
to hopefully get some guidance.
Trac ticket: https://core.trac.wordpress.org/ticket/56028