Don't use variable variables in `user-new.php`. Test by causing errors when creating a new user.
See #27881. Built from https://develop.svn.wordpress.org/trunk@28745 git-svn-id: http://core.svn.wordpress.org/trunk@28559 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
fd838ccb2b
commit
9a286d75fd
|
@ -339,16 +339,16 @@ if ( current_user_can( 'create_users') ) {
|
|||
<?php wp_nonce_field( 'create-user', '_wpnonce_create-user' ); ?>
|
||||
<?php
|
||||
// Load up the passed data, else set to a default.
|
||||
foreach ( array( 'user_login' => 'login', 'first_name' => 'firstname', 'last_name' => 'lastname',
|
||||
'email' => 'email', 'url' => 'uri', 'role' => 'role', 'send_password' => 'send_password', 'noconfirmation' => 'ignore_pass' ) as $post_field => $var ) {
|
||||
$var = "new_user_$var";
|
||||
if( isset( $_POST['createuser'] ) ) {
|
||||
if ( ! isset($$var) )
|
||||
$$var = isset( $_POST[$post_field] ) ? wp_unslash( $_POST[$post_field] ) : '';
|
||||
} else {
|
||||
$$var = false;
|
||||
}
|
||||
}
|
||||
$creating = isset( $_POST['createuser'] );
|
||||
|
||||
$new_user_login = $creating && isset( $_POST['user_login'] ) ? wp_unslash( $_POST['user_login'] ) : '';
|
||||
$new_user_firstname = $creating && isset( $_POST['first_name'] ) ? wp_unslash( $_POST['first_name'] ) : '';
|
||||
$new_user_lastname = $creating && isset( $_POST['last_name'] ) ? wp_unslash( $_POST['last_name'] ) : '';
|
||||
$new_user_email = $creating && isset( $_POST['email'] ) ? wp_unslash( $_POST['email'] ) : '';
|
||||
$new_user_uri = $creating && isset( $_POST['url'] ) ? wp_unslash( $_POST['url'] ) : '';
|
||||
$new_user_role = $creating && isset( $_POST['role'] ) ? wp_unslash( $_POST['role'] ) : '';
|
||||
$new_user_send_password = $creating && isset( $_POST['send_password'] ) ? wp_unslash( $_POST['send_password'] ) : '';
|
||||
$new_user_ignore_pass = $creating && isset( $_POST['noconfirmation'] ) ? wp_unslash( $_POST['noconfirmation'] ) : '';
|
||||
|
||||
?>
|
||||
<table class="form-table">
|
||||
|
|
Loading…
Reference in New Issue