[buddypress-trac] [BuddyPress Trac] #9332: Nouveau: 'strong' password enforcement still enables submit button on `medium` strength
buddypress-trac
noreply at wordpress.org
Wed Apr 22 20:14:58 UTC 2026
#9332: Nouveau: 'strong' password enforcement still enables submit button on
`medium` strength
--------------------------+-----------------------------
Reporter: r-a-y | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Templates | Version: 10.0.0
Severity: normal | Keywords:
--------------------------+-----------------------------
In BuddyPress 10, password enforcement was added (#8589).
If I set password enforcement to `strong` with:
`define( 'BP_MEMBERS_REQUIRED_PASSWORD_STRENGTH', 4 )`
or:
`add_filter( 'bp_members_user_pass_required_strength', function() { return
4; } );`
On the registration page or when on the "Settings > General" page, if a
`medium` strength password is entered, the submit button is enabled when
it should only be enabled when the password is `strong`. See attached GIF.
The problem is due to a conflict with enqueuing `/wp-admin/js/user-
profile.js`:
https://github.com/WordPress/WordPress/blob/dde3a47f0bc5ebbe792aa1bb572506953b59db63
/wp-admin/js/user-profile.js#L434. `user-profile.js` re-enables the submit
button even on `medium` strength. To solve this, we can add a small
timeout in Nouveau's JS to ensure the submit button is disabled when our
required password strength is not met. See attached patch.
Attached patch also re-initializes the `passwordWarningContainer` variable
so it is able to find the injected `#password-warning` addition to the
DOM. This fixes an issue where the password warning would not show up
again when a strong password is edited to become a medium one on the first
keydown.
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/9332>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac
More information about the buddypress-trac
mailing list