From 5aef1c5aa59db59dbbffe183da6bdd4113d8185b Mon Sep 17 00:00:00 2001
From: "Drew Jaynes (DrewAPicture)" <drewapicture@git.wordpress.org>
Date: Sun, 10 Aug 2014 02:38:52 +0000
Subject: [PATCH] Improve the `wp_set_password()` PHPDoc with a note to guard
 against executing the function on every page load, such as through a theme's
 functions.php file.

See #28316.


git-svn-id: https://develop.svn.wordpress.org/trunk@29461 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-includes/pluggable.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/wp-includes/pluggable.php b/src/wp-includes/pluggable.php
index 52a16788fc..e0c031ea87 100644
--- a/src/wp-includes/pluggable.php
+++ b/src/wp-includes/pluggable.php
@@ -2052,6 +2052,10 @@ if ( !function_exists('wp_set_password') ) :
  * For integration with other applications, this function can be overwritten to
  * instead use the other package password checking algorithm.
  *
+ * Please note: This function should be used sparingly and is really only meant for single-time
+ * application. Leveraging this improperly in a plugin or theme could result in an endless loop
+ * of password resets if precautions are not taken to ensure it does execute on every page load.
+ *
  * @since 2.5.0
  *
  * @uses $wpdb WordPress database object for queries