Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

REST API: Use strict `in_array()` checks for the list of usernames blacklisted via `illegal_user_logins` filter. 

See #48839.
Built from https://develop.svn.wordpress.org/trunk@46804


git-svn-id: http://core.svn.wordpress.org/trunk@46604 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Sergey Biryukov 2019-11-29 22:04:02 +00:00
parent 86c441140b
commit 1d1c74385f
5 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-admin/includes/user.php
View File

@ -193,7 +193,7 @@ function edit_user( $user_id = 0 ) {
/** This filter is documented in wp-includes/user.php */
$illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );
if ( in_array( strtolower( $user->user_login ), array_map( 'strtolower', $illegal_logins ) ) ) {
if ( in_array( strtolower( $user->user_login ), array_map( 'strtolower', $illegal_logins ), true ) ) {
$errors->add( 'invalid_username', __( '<strong>ERROR</strong>: Sorry, that username is not allowed.' ) );
}

2
wp-includes/ms-functions.php
View File

@ -488,7 +488,7 @@ function wpmu_validate_user_signup( $user_name, $user_email ) {
/** This filter is documented in wp-includes/user.php */
$illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );
if ( in_array( strtolower( $user_name ), array_map( 'strtolower', $illegal_logins ) ) ) {
if ( in_array( strtolower( $user_name ), array_map( 'strtolower', $illegal_logins ), true ) ) {
$errors->add( 'user_name', __( 'Sorry, that username is not allowed.' ) );
}

2
wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php
View File

@ -1137,7 +1137,7 @@ class WP_REST_Users_Controller extends WP_REST_Controller {
/** This filter is documented in wp-includes/user.php */
$illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );
if ( in_array( strtolower( $username ), array_map( 'strtolower', $illegal_logins ) ) ) {
if ( in_array( strtolower( $username ), array_map( 'strtolower', $illegal_logins ), true ) ) {
return new WP_Error( 'rest_user_invalid_username', __( 'Sorry, that username is not allowed.' ), array( 'status' => 400 ) );
}

4
wp-includes/user.php
View File

@ -1584,7 +1584,7 @@ function wp_insert_user( $userdata ) {
*/
$illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );
if ( in_array( strtolower( $user_login ), array_map( 'strtolower', $illegal_logins ) ) ) {
if ( in_array( strtolower( $user_login ), array_map( 'strtolower', $illegal_logins ), true ) ) {
return new WP_Error( 'invalid_username', __( 'Sorry, that username is not allowed.' ) );
}
@ -2503,7 +2503,7 @@ function register_new_user( $user_login, $user_email ) {
} else {
/** This filter is documented in wp-includes/user.php */
$illegal_user_logins = (array) apply_filters( 'illegal_user_logins', array() );
if ( in_array( strtolower( $sanitized_user_login ), array_map( 'strtolower', $illegal_user_logins ) ) ) {
if ( in_array( strtolower( $sanitized_user_login ), array_map( 'strtolower', $illegal_user_logins ), true ) ) {
$errors->add( 'invalid_username', __( '<strong>ERROR</strong>: Sorry, that username is not allowed.' ) );
}
}

2
wp-includes/version.php
View File

@ -13,7 +13,7 @@
*
* @global string $wp_version
*/
$wp_version = '5.4-alpha-46803';
$wp_version = '5.4-alpha-46804';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.