[wp-trac] [WordPress Trac] #63770: WordPress wp_insert_user() throws warning when password is not provided
WordPress Trac
noreply at wordpress.org
Sun Aug 3 22:08:25 UTC 2025
#63770: WordPress wp_insert_user() throws warning when password is not provided
-------------------------------------+-------------------------------
Reporter: sheldorofazeroth | Owner: sheldorofazeroth
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: Awaiting Review
Component: Login and Registration | Version: trunk
Severity: normal | Resolution:
Keywords: has-test-info has-patch | Focuses: coding-standards
-------------------------------------+-------------------------------
Comment (by peterwilsoncc):
@sheldorofazeroth @hbhalodia I understand what's behind your argument but
as the function is a low level function for use by developers. Logging a
warning is the correct course of action.
I agree it would be better if the account wasn't created but WordPress
strives to maintain backward compatibility that needs to be the case going
forward.
A compromise I might accept is as follows:
* `wp_insert_post()` detects an undefined/empty password ans throws a
specific warning using
[https://developer.wordpress.org/reference/functions/wp_trigger_error/
wp_trigger_error()` with the `E_USER_WARNING` constant
* `wp_insert_post()` populates the password field if it's empty with a
random password generated by `wp_generate_password( 32 )`
That will improve the details provided to the developer calling the
function to provide specifics rather than the build in PHP error notices.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/63770#comment:15>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list