--- a/wp/wp-includes/ms-functions.php Fri Sep 05 18:40:08 2025 +0200
+++ b/wp/wp-includes/ms-functions.php Fri Sep 05 18:52:52 2025 +0200
@@ -71,18 +71,26 @@
}
}
- if ( ( ! is_object( $primary ) ) || ( 1 == $primary->archived || 1 == $primary->spam || 1 == $primary->deleted ) ) {
+ if ( ( ! is_object( $primary ) )
+ || ( '1' === $primary->archived || '1' === $primary->spam || '1' === $primary->deleted )
+ ) {
$blogs = get_blogs_of_user( $user_id, true ); // If a user's primary blog is shut down, check their other blogs.
$ret = false;
+
if ( is_array( $blogs ) && count( $blogs ) > 0 ) {
+ $current_network_id = get_current_network_id();
+
foreach ( (array) $blogs as $blog_id => $blog ) {
- if ( get_current_network_id() != $blog->site_id ) {
+ if ( $blog->site_id !== $current_network_id ) {
continue;
}
+
$details = get_site( $blog_id );
- if ( is_object( $details ) && 0 == $details->archived && 0 == $details->spam && 0 == $details->deleted ) {
+ if ( is_object( $details )
+ && '0' === $details->archived && '0' === $details->spam && '0' === $details->deleted
+ ) {
$ret = $details;
- if ( get_user_meta( $user_id, 'primary_blog', true ) != $blog_id ) {
+ if ( (int) get_user_meta( $user_id, 'primary_blog', true ) !== $blog_id ) {
update_user_meta( $user_id, 'primary_blog', $blog_id );
}
if ( ! get_user_meta( $user_id, 'source_domain', true ) ) {
@@ -94,6 +102,7 @@
} else {
return;
}
+
return $ret;
} else {
return $primary;
@@ -230,8 +239,10 @@
function remove_user_from_blog( $user_id, $blog_id = 0, $reassign = 0 ) {
global $wpdb;
+ $user_id = (int) $user_id;
+ $blog_id = (int) $blog_id;
+
switch_to_blog( $blog_id );
- $user_id = (int) $user_id;
/**
* Fires before a user is removed from a site.
@@ -249,13 +260,13 @@
* If being removed from the primary blog, set a new primary
* if the user is assigned to multiple blogs.
*/
- $primary_blog = get_user_meta( $user_id, 'primary_blog', true );
- if ( $primary_blog == $blog_id ) {
+ $primary_blog = (int) get_user_meta( $user_id, 'primary_blog', true );
+ if ( $primary_blog === $blog_id ) {
$new_id = '';
$new_domain = '';
$blogs = get_blogs_of_user( $user_id );
foreach ( (array) $blogs as $blog ) {
- if ( $blog->userblog_id == $blog_id ) {
+ if ( $blog->userblog_id === $blog_id ) {
continue;
}
$new_id = $blog->userblog_id;
@@ -341,7 +352,7 @@
$path = strtolower( $path );
$id = wp_cache_get( md5( $domain . $path ), 'blog-id-cache' );
- if ( -1 == $id ) { // Blog does not exist.
+ if ( -1 === $id ) { // Blog does not exist.
return 0;
} elseif ( $id ) {
return (int) $id;
@@ -462,7 +473,7 @@
$orig_username = $user_name;
$user_name = preg_replace( '/\s+/', '', sanitize_user( $user_name, true ) );
- if ( $user_name != $orig_username || preg_match( '/[^a-z0-9]/', $user_name ) ) {
+ if ( $user_name !== $orig_username || preg_match( '/[^a-z0-9]/', $user_name ) ) {
$errors->add( 'user_name', __( 'Usernames can only contain lowercase letters (a-z) and numbers.' ) );
$user_name = $orig_username;
}
@@ -474,10 +485,12 @@
}
$illegal_names = get_site_option( 'illegal_names' );
+
if ( ! is_array( $illegal_names ) ) {
$illegal_names = array( 'www', 'web', 'root', 'admin', 'main', 'invite', 'administrator' );
add_site_option( 'illegal_names', $illegal_names );
}
+
if ( in_array( $user_name, $illegal_names, true ) ) {
$errors->add( 'user_name', __( 'Sorry, that username is not allowed.' ) );
}
@@ -509,10 +522,12 @@
}
$limited_email_domains = get_site_option( 'limited_email_domains' );
+
if ( is_array( $limited_email_domains ) && ! empty( $limited_email_domains ) ) {
$limited_email_domains = array_map( 'strtolower', $limited_email_domains );
- $emaildomain = strtolower( substr( $user_email, 1 + strpos( $user_email, '@' ) ) );
- if ( ! in_array( $emaildomain, $limited_email_domains, true ) ) {
+ $email_domain = strtolower( substr( $user_email, 1 + strpos( $user_email, '@' ) ) );
+
+ if ( ! in_array( $email_domain, $limited_email_domains, true ) ) {
$errors->add( 'user_email', __( 'Sorry, that email address is not allowed!' ) );
}
}
@@ -630,7 +645,8 @@
$errors = new WP_Error();
$illegal_names = get_site_option( 'illegal_names' );
- if ( false == $illegal_names ) {
+
+ if ( ! is_array( $illegal_names ) ) {
$illegal_names = array( 'www', 'web', 'root', 'admin', 'main', 'invite', 'administrator' );
add_site_option( 'illegal_names', $illegal_names );
}
@@ -714,7 +730,7 @@
* unless it's the user's own username.
*/
if ( username_exists( $blogname ) ) {
- if ( ! is_object( $user ) || ( is_object( $user ) && ( $user->user_login != $blogname ) ) ) {
+ if ( ! is_object( $user ) || ( is_object( $user ) && $user->user_login !== $blogname ) ) {
$errors->add( 'blogname', __( 'Sorry, that site is reserved!' ) );
}
}
@@ -922,7 +938,16 @@
* @param array $meta Optional. Signup meta data. By default, contains the requested privacy setting and lang_id.
* @return bool
*/
-function wpmu_signup_blog_notification( $domain, $path, $title, $user_login, $user_email, $key, $meta = array() ) {
+function wpmu_signup_blog_notification(
+ $domain,
+ $path,
+ $title,
+ $user_login,
+ $user_email,
+ #[\SensitiveParameter]
+ $key,
+ $meta = array()
+) {
/**
* Filters whether to bypass the new site email notification.
*
@@ -941,7 +966,7 @@
}
// Send email with activation link.
- if ( ! is_subdomain_install() || get_current_network_id() != 1 ) {
+ if ( ! is_subdomain_install() || get_current_network_id() !== 1 ) {
$activate_url = network_site_url( "wp-activate.php?key=$key" );
} else {
$activate_url = "http://{$domain}{$path}wp-activate.php?key=$key"; // @todo Use *_url() API.
@@ -1057,7 +1082,13 @@
* @param array $meta Optional. Signup meta data. Default empty array.
* @return bool
*/
-function wpmu_signup_user_notification( $user_login, $user_email, $key, $meta = array() ) {
+function wpmu_signup_user_notification(
+ $user_login,
+ $user_email,
+ #[\SensitiveParameter]
+ $key,
+ $meta = array()
+) {
/**
* Filters whether to bypass the email notification for new user sign-up.
*
@@ -1159,7 +1190,10 @@
* @param string $key The activation key provided to the user.
* @return array|WP_Error An array containing information about the activated user and/or blog.
*/
-function wpmu_activate_signup( $key ) {
+function wpmu_activate_signup(
+ #[\SensitiveParameter]
+ $key
+) {
global $wpdb;
$signup = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->signups WHERE activation_key = %s", $key ) );
@@ -1311,7 +1345,12 @@
* @param string $email The new user's email address.
* @return int|false Returns false on failure, or int $user_id on success.
*/
-function wpmu_create_user( $user_name, $password, $email ) {
+function wpmu_create_user(
+ $user_name,
+ #[\SensitiveParameter]
+ $password,
+ $email
+) {
$user_name = preg_replace( '/\s+/', '', sanitize_user( $user_name, true ) );
$user_id = wp_create_user( $user_name, $password, $email );
@@ -1433,7 +1472,7 @@
$email = get_site_option( 'admin_email' );
- if ( is_email( $email ) == false ) {
+ if ( ! is_email( $email ) ) {
return false;
}
@@ -1494,7 +1533,7 @@
$email = get_site_option( 'admin_email' );
- if ( is_email( $email ) == false ) {
+ if ( ! is_email( $email ) ) {
return false;
}
@@ -1595,7 +1634,14 @@
* @param array $meta Optional. Signup meta data. By default, contains the requested privacy setting and lang_id.
* @return bool Whether the email notification was sent.
*/
-function wpmu_welcome_notification( $blog_id, $user_id, $password, $title, $meta = array() ) {
+function wpmu_welcome_notification(
+ $blog_id,
+ $user_id,
+ #[\SensitiveParameter]
+ $password,
+ $title,
+ $meta = array()
+) {
$current_network = get_network();
/**
@@ -1620,7 +1666,8 @@
$switched_locale = switch_to_user_locale( $user_id );
$welcome_email = get_site_option( 'welcome_email' );
- if ( false == $welcome_email ) {
+
+ if ( ! $welcome_email ) {
/* translators: Do not translate USERNAME, SITE_NAME, BLOG_URL, PASSWORD: those are placeholders. */
$welcome_email = __(
'Howdy USERNAME,
@@ -1828,7 +1875,12 @@
* @param array $meta Optional. Signup meta data. Default empty array.
* @return bool
*/
-function wpmu_welcome_user_notification( $user_id, $password, $meta = array() ) {
+function wpmu_welcome_user_notification(
+ $user_id,
+ #[\SensitiveParameter]
+ $password,
+ $meta = array()
+) {
$current_network = get_network();
/**
@@ -2021,7 +2073,7 @@
*/
function update_posts_count( $deprecated = '' ) {
global $wpdb;
- update_option( 'post_count', (int) $wpdb->get_var( "SELECT COUNT(ID) FROM {$wpdb->posts} WHERE post_status = 'publish' and post_type = 'post'" ) );
+ update_option( 'post_count', (int) $wpdb->get_var( "SELECT COUNT(ID) FROM {$wpdb->posts} WHERE post_status = 'publish' and post_type = 'post'" ), true );
}
/**
@@ -2254,7 +2306,12 @@
* @param string $password User password. Ignored.
* @param array $meta Signup meta data.
*/
-function add_new_user_to_blog( $user_id, $password, $meta ) {
+function add_new_user_to_blog(
+ $user_id,
+ #[\SensitiveParameter]
+ $password,
+ $meta
+) {
if ( ! empty( $meta['add_to_blog'] ) ) {
$blog_id = $meta['add_to_blog'];
$role = $meta['new_role'];
@@ -2273,7 +2330,7 @@
*
* @since MU (3.0.0)
*
- * @param PHPMailer $phpmailer The PHPMailer instance (passed by reference).
+ * @param PHPMailer\PHPMailer\PHPMailer $phpmailer The PHPMailer instance (passed by reference).
*/
function fix_phpmailer_messageid( $phpmailer ) {
$phpmailer->Hostname = get_network()->domain;
@@ -2297,7 +2354,7 @@
}
}
- return $user && isset( $user->spam ) && 1 == $user->spam;
+ return $user && isset( $user->spam ) && '1' === $user->spam;
}
/**