Passwords: Deprecate second parameter of `wp_new_user_notification()`.

The second parameter `$plaintext_pass` was removed in [33023] and restored as `$notify` in [33620] with a different behavior. If you have a plugin overriding `wp_new_user_notification()` which hasn't been updated you would get a notification with your username and the password "both".
To prevent this the second parameter is now deprecated and reintroduced as the third parameter.

Adds unit tests.

Props kraftbj, adamsilverstein, welcher, ocean90.
Fixes #33654.

(Don't ask for new pluggables kthxbye)
Built from https://develop.svn.wordpress.org/trunk@34116


git-svn-id: http://core.svn.wordpress.org/trunk@34084 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Dominik Schilling 2015-09-14 12:43:26 +00:00
parent 97c0303f41
commit 4af3a3374e
7 changed files with 17 additions and 11 deletions

View File

@ -176,7 +176,7 @@ function edit_user( $user_id = 0 ) {
$user_id = wp_update_user( $user ); $user_id = wp_update_user( $user );
} else { } else {
$user_id = wp_insert_user( $user ); $user_id = wp_insert_user( $user );
wp_new_user_notification( $user_id, 'both' ); wp_new_user_notification( $user_id, null, 'both' );
} }
return $user_id; return $user_id;
} }

View File

@ -94,7 +94,7 @@ if ( wp_validate_action( 'add-site' ) ) {
if ( false === $user_id ) if ( false === $user_id )
wp_die( __( 'There was an error creating the user.' ) ); wp_die( __( 'There was an error creating the user.' ) );
else else
wp_new_user_notification( $user_id, 'both' ); wp_new_user_notification( $user_id, null, 'both' );
} }
$wpdb->hide_errors(); $wpdb->hide_errors();

View File

@ -77,7 +77,7 @@ if ( $action ) {
if ( false === $user_id ) { if ( false === $user_id ) {
$update = 'err_new_dup'; $update = 'err_new_dup';
} else { } else {
wp_new_user_notification( $user_id, 'both' ); wp_new_user_notification( $user_id, null, 'both' );
add_user_to_blog( $id, $user_id, $_POST['new_role'] ); add_user_to_blog( $id, $user_id, $_POST['new_role'] );
$update = 'newuser'; $update = 'newuser';
} }

View File

@ -51,7 +51,7 @@ if ( wp_validate_action( 'add-user' ) ) {
if ( ! $user_id ) { if ( ! $user_id ) {
$add_user_errors = new WP_Error( 'add_user_fail', __( 'Cannot add user.' ) ); $add_user_errors = new WP_Error( 'add_user_fail', __( 'Cannot add user.' ) );
} else { } else {
wp_new_user_notification( $user_id, 'both' ); wp_new_user_notification( $user_id, null, 'both' );
wp_redirect( add_query_arg( array('update' => 'added'), 'user-new.php' ) ); wp_redirect( add_query_arg( array('update' => 'added'), 'user-new.php' ) );
exit; exit;
} }

View File

@ -1690,16 +1690,22 @@ if ( !function_exists('wp_new_user_notification') ) :
* *
* @since 2.0.0 * @since 2.0.0
* @since 4.3.0 The `$plaintext_pass` parameter was changed to `$notify`. * @since 4.3.0 The `$plaintext_pass` parameter was changed to `$notify`.
* @since 4.3.1 The `$plaintext_pass` parameter was deprecated. `$notify` added as a third parameter.
* *
* @global wpdb $wpdb WordPress database object for queries. * @global wpdb $wpdb WordPress database object for queries.
* @global PasswordHash $wp_hasher Portable PHP password hashing framework instance. * @global PasswordHash $wp_hasher Portable PHP password hashing framework instance.
* *
* @param int $user_id User ID. * @param int $user_id User ID.
* @param string $notify Optional. Type of notification that should happen. Accepts 'admin' or an empty * @param null $deprecated Not used (argument deprecated).
* string (admin only), or 'both' (admin and user). The empty string value was kept * @param string $notify Optional. Type of notification that should happen. Accepts 'admin' or an empty
* for backward-compatibility purposes with the renamed parameter. Default empty. * string (admin only), or 'both' (admin and user). The empty string value was kept
* for backward-compatibility purposes with the renamed parameter. Default empty.
*/ */
function wp_new_user_notification( $user_id, $notify = '' ) { function wp_new_user_notification( $user_id, $deprecated = null, $notify = '' ) {
if ( $deprecated !== null ) {
_deprecated_argument( __FUNCTION__, '4.3.1' );
}
global $wpdb, $wp_hasher; global $wpdb, $wp_hasher;
$user = get_userdata( $user_id ); $user = get_userdata( $user_id );

View File

@ -2012,7 +2012,7 @@ function register_new_user( $user_login, $user_email ) {
update_user_option( $user_id, 'default_password_nag', true, true ); //Set up the Password change nag. update_user_option( $user_id, 'default_password_nag', true, true ); //Set up the Password change nag.
wp_new_user_notification( $user_id, 'both' ); wp_new_user_notification( $user_id, null, 'both' );
return $user_id; return $user_id;
} }

View File

@ -4,7 +4,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '4.4-alpha-34115'; $wp_version = '4.4-alpha-34116';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.