When fetching the user in get_currentuserinfo(), make sure it is a valid WP_User object. If it is stdClass, upgrade it to WP_User. If it is WP_Error, an int, or anything else, set the current user to ID 0.
In wp_set_current_user(), return the current user global only if it is a WP_User object. If it is not, fall through and go about setting it up properly. Formatting cleanups for both functions. see #20372 git-svn-id: http://svn.automattic.com/wordpress/trunk@20410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
29f50a637a
commit
a831898020
|
@ -27,7 +27,7 @@ if ( !function_exists('wp_set_current_user') ) :
|
|||
function wp_set_current_user($id, $name = '') {
|
||||
global $current_user;
|
||||
|
||||
if ( isset($current_user) && ($id == $current_user->ID) )
|
||||
if ( isset( $current_user ) && ( $current_user instanceof WP_User ) && ( $id == $current_user->ID ) )
|
||||
return $current_user;
|
||||
|
||||
$current_user = new WP_User( $id, $name );
|
||||
|
@ -79,9 +79,24 @@ function get_currentuserinfo() {
|
|||
return false;
|
||||
}
|
||||
|
||||
if ( ! empty($current_user) )
|
||||
if ( ! empty( $current_user ) ) {
|
||||
if ( $current_user instanceof WP_User )
|
||||
return;
|
||||
|
||||
// Upgrade stdClass to WP_User
|
||||
if ( is_object( $current_user ) && isset( $current_user->ID ) ) {
|
||||
$cur_id = $current_user->ID;
|
||||
$current_user = null;
|
||||
wp_set_current_user( $cur_id );
|
||||
return;
|
||||
}
|
||||
|
||||
// $current_user has a junk value. Force to WP_User with ID 0.
|
||||
$current_user = null;
|
||||
wp_set_current_user( 0 );
|
||||
return false;
|
||||
}
|
||||
|
||||
if ( ! $user = wp_validate_auth_cookie() ) {
|
||||
if ( is_blog_admin() || is_network_admin() || empty( $_COOKIE[LOGGED_IN_COOKIE] ) || !$user = wp_validate_auth_cookie( $_COOKIE[LOGGED_IN_COOKIE], 'logged_in' ) ) {
|
||||
wp_set_current_user( 0 );
|
||||
|
|
Loading…
Reference in New Issue