Hardcoded User ID?

  • Noticed this in wpc_functions.php at line 2584, wpCentral 1.5.0:

    $user_info = get_userdata(1);

    Why is the user id hardcoded to 1 here?

    Many sites do not have that user (any more), it is often manually removed due to various tutorials about ‘hardening’ WordPress or the id of that user is changed/randomized by various ‘security’ plugins etc.

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hi,

    This was solved in version 1.5.2

    Regards

    Thread Starter Ov3rfly

    (@ov3rfly)

    Took a look at wpCentral 1.5.2, the above mentioned hardcoded user id 1 in my_wpc_signon() now in line 2523 is still there:

    $user_info = get_userdata(1);

    Would also suggest to add a check at the 1.5.2 fix in wpc_post_redirect(..) in line 2422 if $users_query->get_results() actually returns something before using the result.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Hardcoded User ID?’ is closed to new replies.