From 7ef604c0525afeda583634661b05d0705e5741fb Mon Sep 17 00:00:00 2001 From: Scott Taylor Date: Wed, 9 Sep 2015 03:42:25 +0000 Subject: [PATCH] Ensure that `role` is not empty before adding it in `add_role()` function and methods. Props MikeHansenMe, dannydehaan, michielhab. Fixes #23746. Built from https://develop.svn.wordpress.org/trunk@33967 git-svn-id: http://core.svn.wordpress.org/trunk@33936 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/capabilities-functions.php | 3 +++ wp-includes/class-wp-roles.php | 3 ++- wp-includes/class-wp-user.php | 4 ++++ wp-includes/version.php | 2 +- 4 files changed, 10 insertions(+), 2 deletions(-) diff --git a/wp-includes/capabilities-functions.php b/wp-includes/capabilities-functions.php index 4274fa5383..316b850e7b 100644 --- a/wp-includes/capabilities-functions.php +++ b/wp-includes/capabilities-functions.php @@ -471,6 +471,9 @@ function get_role( $role ) { * @return WP_Role|null WP_Role object if role is added, null if already exists. */ function add_role( $role, $display_name, $capabilities = array() ) { + if ( empty( $role ) ) { + return; + } return wp_roles()->add_role( $role, $display_name, $capabilities ); } diff --git a/wp-includes/class-wp-roles.php b/wp-includes/class-wp-roles.php index 643ee63442..a62c97e65e 100644 --- a/wp-includes/class-wp-roles.php +++ b/wp-includes/class-wp-roles.php @@ -172,8 +172,9 @@ class WP_Roles { * @return WP_Role|void WP_Role object, if role is added. */ public function add_role( $role, $display_name, $capabilities = array() ) { - if ( isset( $this->roles[$role] ) ) + if ( empty( $role ) || isset( $this->roles[ $role ] ) ) { return; + } $this->roles[$role] = array( 'name' => $display_name, diff --git a/wp-includes/class-wp-user.php b/wp-includes/class-wp-user.php index 4005a6edc4..971021a759 100644 --- a/wp-includes/class-wp-user.php +++ b/wp-includes/class-wp-user.php @@ -439,6 +439,10 @@ class WP_User { * @param string $role Role name. */ public function add_role( $role ) { + if ( empty( $role ) ) { + return; + } + $this->caps[$role] = true; update_user_meta( $this->ID, $this->cap_key, $this->caps ); $this->get_role_caps(); diff --git a/wp-includes/version.php b/wp-includes/version.php index 0e11c360f9..733c97a538 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '4.4-alpha-33966'; +$wp_version = '4.4-alpha-33967'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.