<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[BuddyPress][10939] branches/2.6: Make sure the password is set to what user chose when signing up with a blog</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta" style="font-size: 105%">
<dt style="float: left; width: 6em; font-weight: bold">Revision</dt> <dd><a style="font-weight: bold" href="http://buddypress.trac.wordpress.org/changeset/10939">10939</a><script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","description":"Review this Commit","action":{"@type":"ViewAction","url":"http://buddypress.trac.wordpress.org/changeset/10939","name":"Review Commit"}}</script></dd>
<dt style="float: left; width: 6em; font-weight: bold">Author</dt> <dd>imath</dd>
<dt style="float: left; width: 6em; font-weight: bold">Date</dt> <dd>2016-07-06 17:00:00 +0000 (Wed, 06 Jul 2016)</dd>
</dl>
<pre style='padding-left: 1em; margin: 2em 0; border-left: 2px solid #ccc; line-height: 1.25; font-size: 105%; font-family: sans-serif'>Make sure the password is set to what user chose when signing up with a blog
When signing up, users choose their password and we are hashing them into the meta field of the signups table.
When users activate their accounts, we directly run a query to replace the password automatically generated by WordPress to what the users chose. For the "signup with a blog" case, it appears this is not taking in account because the created users is cached and the `xprofile_sync_wp_profile()` function is reseting the password to the cached version.
To avoid this, as soon as we run the direct query, we are cleaning the cached object of the created user.
Fixes <a href="http://buddypress.trac.wordpress.org/ticket/7173">#7173</a> (2.6 branch)</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#branches26srcbpmembersbpmembersfunctionsphp">branches/2.6/src/bp-members/bp-members-functions.php</a></li>
<li><a href="#branches26testsphpunittestcasesmembersfunctionsphp">branches/2.6/tests/phpunit/testcases/members/functions.php</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="branches26srcbpmembersbpmembersfunctionsphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: branches/2.6/src/bp-members/bp-members-functions.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- branches/2.6/src/bp-members/bp-members-functions.php 2016-07-06 16:39:34 UTC (rev 10938)
+++ branches/2.6/src/bp-members/bp-members-functions.php 2016-07-06 17:00:00 UTC (rev 10939)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -2065,15 +2065,23 @@
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- // Update the display_name.
- wp_update_user( array(
- 'ID' => $user_id,
- 'display_name' => bp_core_get_user_displayname( $user_id ),
- ) );
-
- // Set the password on multisite installs.
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ // Replace the password automatically generated by WordPress by the one the user chose.
</ins><span class="cx" style="display: block; padding: 0 10px"> if ( ! empty( $user['meta']['password'] ) ) {
</span><span class="cx" style="display: block; padding: 0 10px"> $wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->users} SET user_pass = %s WHERE ID = %d", $user['meta']['password'], $user_id ) );
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
+ /**
+ * Make sure to clean the user's cache as we've
+ * directly edited the password without using
+ * wp_update_user().
+ *
+ * If we can't use wp_update_user() that's because
+ * we already hashed the password at the signup step.
+ */
+ $uc = wp_cache_get( $user_id, 'users' );
+
+ if ( ! empty( $uc->ID ) ) {
+ clean_user_cache( $uc->ID );
+ }
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> /**
</span></span></pre></div>
<a id="branches26testsphpunittestcasesmembersfunctionsphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: branches/2.6/tests/phpunit/testcases/members/functions.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- branches/2.6/tests/phpunit/testcases/members/functions.php 2016-07-06 16:39:34 UTC (rev 10938)
+++ branches/2.6/tests/phpunit/testcases/members/functions.php 2016-07-06 17:00:00 UTC (rev 10939)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -587,4 +587,54 @@
</span><span class="cx" style="display: block; padding: 0 10px"> public function test_wp_registration_url_should_return_bp_register_page_when_register_page_is_configured_properly() {
</span><span class="cx" style="display: block; padding: 0 10px"> $this->assertSame( bp_get_signup_page(), wp_registration_url() );
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
+ /**
+ * @group bp_core_activate_signup
+ */
+ public function test_bp_core_activate_signup_password() {
+ global $wpdb;
+
+
+ $signups = array( 'no-blog' =>
+ array( 'signup_id' => $this->factory->signup->create( array(
+ 'user_login' => 'noblog',
+ 'user_email' => 'noblog@example.com',
+ 'activation_key' => 'no-blog',
+ 'meta' => array(
+ 'field_1' => 'Foo Bar',
+ 'password' => 'foobar',
+ ),
+ ) ),
+ 'password' => 'foobar',
+ ),
+ );
+
+ if ( is_multisite() ) {
+ $signups['ms-blog'] = array( 'signup_id' => $this->factory->signup->create( array(
+ 'user_login' => 'msblog',
+ 'user_email' => 'msblog@example.com',
+ 'domain' => get_current_site()->domain,
+ 'path' => get_current_site()->path . 'ms-blog',
+ 'title' => 'Ding Dang',
+ 'activation_key' => 'ms-blog',
+ 'meta' => array(
+ 'field_1' => 'Ding Dang',
+ 'password' => 'dingdang',
+ ),
+ ) ),
+ 'password' => 'dingdang',
+ );
+ }
+
+ // Neutralize db errors
+ $suppress = $wpdb->suppress_errors();
+
+ foreach ( $signups as $key => $data ) {
+ $u = bp_core_activate_signup( $key );
+
+ $this->assertEquals( get_userdata( $u )->user_pass, $data['password'] );
+ }
+
+ $wpdb->suppress_errors( $suppress );
+ }
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span></span></pre>
</div>
</div>
</body>
</html>