Closed johanee closed 5 years ago
wp_authenticate() expect arguments to have "slashed" data[1] (" encoded as \"), but WP REST parameters are unslashed[2].
wp_authenticate()
"
\"
Use wp_slash() on username and password before calling wp_authenticate().
[1] See wp_signon() usage in trac where slashed $_POST data is used directly. [2] https://make.wordpress.org/core/2016/04/06/rest-api-slashed-data-in-wordpress-4-4-and-4-5/
wp_signon()
$_POST
Huge +1 on this, feels weird that it doesn't support any type of password content.
Great to get it to get special characters support in passwords
wp_authenticate()
expect arguments to have "slashed" data[1] ("
encoded as\"
), but WP REST parameters are unslashed[2].Use wp_slash() on username and password before calling wp_authenticate().
[1] See
wp_signon()
usage in trac where slashed$_POST
data is used directly. [2] https://make.wordpress.org/core/2016/04/06/rest-api-slashed-data-in-wordpress-4-4-and-4-5/