Login and Registration: Declare globals at the top of wp_signon() for consistency.

Follow-up to [10437], [32637], [58333]. See #58901. git-svn-id: https://develop.svn.wordpress.org/trunk@58341 602fd350-edb4-49c9-b593-d223f7449a82
2025-01-18 05:18:42 +01:00 · 2024-06-05 12:21:46 +00:00 · 2024-06-05 12:21:46 +00:00 · ac84bd53c6
commit ac84bd53c6
parent c4dd762c62
2 changed files with 17 additions and 18 deletions
--- a/src/wp-includes/user.php
+++ b/src/wp-includes/user.php
@ -25,6 +25,7 @@
 * @since 2.5.0
 *
 * @global string $auth_secure_cookie
+ * @global wpdb   $wpdb               WordPress database abstraction object.
 *
 * @param array       $credentials {
 *     Optional. User info in order to sign on.
@ -38,6 +39,8 @@
 * @return WP_User|WP_Error WP_User on success, WP_Error on failure.
 */
 function wp_signon( $credentials = array(), $secure_cookie = '' ) {
+	global $auth_secure_cookie, $wpdb;
+
 	if ( empty( $credentials ) ) {
 		$credentials = array(
 			'user_login'    => '',
@ -98,7 +101,7 @@ function wp_signon( $credentials = array(), $secure_cookie = '' ) {
 	 */
 	$secure_cookie = apply_filters( 'secure_signon_cookie', $secure_cookie, $credentials );

-	global $auth_secure_cookie; // XXX ugly hack to pass this to wp_authenticate_cookie().
+	// XXX ugly hack to pass this to wp_authenticate_cookie().
 	$auth_secure_cookie = $secure_cookie;

 	add_filter( 'authenticate', 'wp_authenticate_cookie', 30, 3 );
@ -111,24 +114,16 @@ function wp_signon( $credentials = array(), $secure_cookie = '' ) {

 	wp_set_auth_cookie( $user->ID, $credentials['remember'], $secure_cookie );

-	/**
-	 * @global wpdb $wpdb WordPress database abstraction object.
-	 */
-	global $wpdb;
-
-	// Flush `user_activation_key` if exists after successful login.
+	// Clear `user_activation_key` after a successful login.
 	if ( ! empty( $user->user_activation_key ) ) {
 		$wpdb->update(
 			$wpdb->users,
 			array(
 				'user_activation_key' => '',
 			),
-			array( 'ID' => $user->ID ),
-			array( '%s' ),
-			array( '%d' )
+			array( 'ID' => $user->ID )
 		);

-		// Empty user_activation_key object.
 		$user->user_activation_key = '';
 	}

@ -141,6 +136,7 @@ function wp_signon( $credentials = array(), $secure_cookie = '' ) {
 	 * @param WP_User $user       WP_User object of the logged-in user.
 	 */
 	do_action( 'wp_login', $user->user_login, $user );
+
 	return $user;
 }

@ -306,6 +302,8 @@ function wp_authenticate_email_password( $user, $email, $password ) {
 * @return WP_User|WP_Error WP_User on success, WP_Error on failure.
 */
 function wp_authenticate_cookie( $user, $username, $password ) {
+	global $auth_secure_cookie;
+
 	if ( $user instanceof WP_User ) {
 		return $user;
 	}
@ -316,8 +314,6 @@ function wp_authenticate_cookie( $user, $username, $password ) {
 			return new WP_User( $user_id );
 		}

-		global $auth_secure_cookie;
-
 		if ( $auth_secure_cookie ) {
 			$auth_cookie = SECURE_AUTH_COOKIE;
 		} else {
--- a/tests/phpunit/tests/auth.php
+++ b/tests/phpunit/tests/auth.php
@ -424,27 +424,30 @@ class Tests_Auth extends WP_UnitTestCase {
 	}

 	/**
-	 * Ensure that the user_activation_key is cleared (if available) after a successful login.
+	 * Ensure that `user_activation_key` is cleared after a successful login.
 	 *
 	 * @ticket 58901
+	 *
+	 * @covers ::wp_signon
 	 */
 	public function test_user_activation_key_after_successful_login() {
 		global $wpdb;

-		$reset_key                    = get_password_reset_key( $this->user );
-		$user                         = wp_signon(
+		$password_reset_key = get_password_reset_key( $this->user );
+		$user               = wp_signon(
 			array(
 				'user_login'    => self::USER_LOGIN,
 				'user_password' => self::USER_PASS,
 			)
 		);
+
 		$activation_key_from_database = $wpdb->get_var(
 			$wpdb->prepare( "SELECT user_activation_key FROM $wpdb->users WHERE ID = %d", $this->user->ID )
 		);

-		$this->assertNotWPError( $reset_key, 'The password reset key was not created.' );
+		$this->assertNotWPError( $password_reset_key, 'The password reset key was not created.' );
 		$this->assertNotWPError( $user, 'The user was not authenticated.' );
-		$this->assertEmpty( $user->user_activation_key, 'The `user_activation_key` was not empty on the user object returned by `wp_signon` function.' );
+		$this->assertEmpty( $user->user_activation_key, 'The `user_activation_key` was not empty on the user object returned by `wp_signon()` function.' );
 		$this->assertEmpty( $activation_key_from_database, 'The `user_activation_key` was not empty in the database.' );
 	}