Login and Registration: Set correct default values in `wp_signon()`.

The `$credentials['user_login']` and `$credentials['user_password']` parameters are passed by reference to the `wp_authenticate` action, and are at that point [https://www.php.net/manual/en/language.references.pass.php#124383 created as null] if they don't exist in the array.

This commit sets those values to an empty string, resolving two PHP 8.1 deprecation notices:
 * One from `preg_replace()` in `wp_strip_all_tags()` via `sanitize_user()` in `wp_authenticate()`:
{{{
Deprecated: preg_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated
}}}
 * One from `trim()` in `wp_authenticate()` itself:
{{{
Deprecated: trim(): Passing null to parameter #1 ($string) of type string is deprecated
}}}

Includes documenting the `$credentials` parameter using hash notation.

Follow-up to [6643], [37697].

Props lenasterg, TobiasBg, ocean90, afragen, lkraav, SergeyBiryukov.
Fixes #56850.
Built from https://develop.svn.wordpress.org/trunk@55301


git-svn-id: http://core.svn.wordpress.org/trunk@54834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Sergey Biryukov 2023-02-09 01:31:22 +00:00
parent d1b96a8e04
commit bc0c01b1ac
2 changed files with 14 additions and 3 deletions

View File

@ -26,13 +26,24 @@
* *
* @global string $auth_secure_cookie * @global string $auth_secure_cookie
* *
* @param array $credentials Optional. User info in order to sign on. * @param array $credentials {
* Optional. User info in order to sign on.
*
* @type string $user_login Username.
* @type string $user_password User password.
* @type bool $remember Whether to 'remember' the user. Increases the time
* that the cookie will be kept. Default false.
* }
* @param string|bool $secure_cookie Optional. Whether to use secure cookie. * @param string|bool $secure_cookie Optional. Whether to use secure cookie.
* @return WP_User|WP_Error WP_User on success, WP_Error on failure. * @return WP_User|WP_Error WP_User on success, WP_Error on failure.
*/ */
function wp_signon( $credentials = array(), $secure_cookie = '' ) { function wp_signon( $credentials = array(), $secure_cookie = '' ) {
if ( empty( $credentials ) ) { if ( empty( $credentials ) ) {
$credentials = array(); // Back-compat for plugins passing an empty string. $credentials = array(
'user_login' => '',
'user_password' => '',
'remember' => false,
);
if ( ! empty( $_POST['log'] ) ) { if ( ! empty( $_POST['log'] ) ) {
$credentials['user_login'] = wp_unslash( $_POST['log'] ); $credentials['user_login'] = wp_unslash( $_POST['log'] );

View File

@ -16,7 +16,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '6.2-beta1-55300'; $wp_version = '6.2-beta1-55301';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.