-
Notifications
You must be signed in to change notification settings - Fork 96
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Possible infinite loop in profile_update hook #800
Comments
This issue is also tracked in a support ticket (SF 00463569). Just FYI. |
Hi @joshcanhelp do you think the provided information is sufficient to work on the issue? |
@Zae - Apologies for the long delay here. I think you're spot-on with the root cause here and we'll get that fixed and released as soon as possible. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Description
When logging in with the auth0 plugin I expect to be able to login, however we've noticed since updating to Auth0 v4, that some users are getting out of memory issues when logging in. It seems that for some users an infinite loops triggers that causes PHP to crash eventually.
Reproduction
I don't know the full details to reproduce yet, however I seem to have fixed it for us by commenting out a bit of code.
It seems that the function
wp_auth0_profile_change_email
listens to theprofile_update
hook. Which in turn call the methodupdate_email
in the classWP_Auth0_Profile_Change_Email
.This method calls remove_action('profile_update') explicitly to stop infinite loops, however that does not seem to work. I think this might be because there are now 2 functions listening for
profile_update
, the method in this class listens to it after being called for the first time and the functionwp_auth0_profile_change_email
I mentioned before.I think this might be a refactoring bug, before this class registered it's own
profile_update
hook but in v4 thatwp_auth0_profile_change_email
function was added. Theremove_action
that should stop infinite loops does not deregister the newwp_auth0_profile_change_email
function that callsWP_Auth0_Profile_Change_Email
, only it's own function, which I think is wrong.For now I completely commented out the
wp_auth0_profile_change_email
function and do an early return inWP_Auth0_Profile_Change_Email::update_email
to make sure it doesn't run.(partial) STACKTRACE
wp-content/plugins/auth0/lib/profile/WP_Auth0_Profile_Change_Email.php:94
wp-content/plugins/auth0/WP_Auth0.php:441
wp-includes/class-wp-hook.php:287
wp-includes/class-wp-hook.php:311
wp-includes/plugin.php:478
wp-includes/user.php:1876
wp-includes/user.php:1995
wp-content/plugins/auth0/lib/profile/WP_Auth0_Profile_Change_Email.php:94
Environment
Wordpress: 5.4.2
Login by Auth0: 4.1.0
The text was updated successfully, but these errors were encountered: