Users: prevent saving empty passwords, trim space from password ends on save.

Fix an issue where users could save a password with only spaces, or spaces at the beginning or end of their password, preventing them from logging in.

Props ronakganatra, 1naveengiri, ajensen, oolleegg55, bookdude13, nrqsnchz, aristath.
Fixes #42766.


Built from https://develop.svn.wordpress.org/trunk@49118


git-svn-id: http://core.svn.wordpress.org/trunk@48880 1a063a9b-81f0-0310-95a4-ce76da25c4cd

wp-admin/includes/user.php

@@ -47,10 +47,10 @@ function edit_user( $user_id = 0 ) {
 	$pass1 = '';
 	$pass2 = '';
 	if ( isset( $_POST['pass1'] ) ) {
-		$pass1 = $_POST['pass1'];
+		$pass1 = trim( $_POST['pass1'] );
 	}
 	if ( isset( $_POST['pass2'] ) ) {
-		$pass2 = $_POST['pass2'];
+		$pass2 = trim( $_POST['pass2'] );
 	}
 
 	if ( isset( $_POST['role'] ) && current_user_can( 'promote_users' ) && ( ! $user_id || current_user_can( 'promote_user', $user_id ) ) ) {

wp-admin/js/user-profile.js

@@ -215,7 +215,7 @@
 		var pass1 = $('#pass1').val(), strength;
 
 		$('#pass-strength-result').removeClass('short bad good strong empty');
-		if ( ! pass1 ) {
+		if ( ! pass1 || '' ===  pass1.trim() ) {
 			$( '#pass-strength-result' ).addClass( 'empty' ).html( ' ' );
 			return;
 		}

wp-includes/version.php

@@ -13,7 +13,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '5.6-alpha-49117';
+$wp_version = '5.6-alpha-49118';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.