Fix user validation feedback. Props sivel. fixes #13162

git-svn-id: http://svn.automattic.com/wordpress/trunk@14428 1a063a9b-81f0-0310-95a4-ce76da25c4cd
ryan 2010-05-03 23:46:42 +00:00
parent 72f99c8a96
commit 2ecda01ce0
3 changed files with 33 additions and 30 deletions


@ -158,8 +158,8 @@ function edit_user( $user_id = 0 ) {
if ( !empty( $pass1 ) ) if ( !empty( $pass1 ) )
$user->user_pass = $pass1; $user->user_pass = $pass1;
if ( !$update && !validate_username( $user->user_login ) ) if ( !$update && isset( $_POST['user_login'] ) && !validate_username( $_POST['user_login'] ) )
$errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid. Please enter a valid username.' )); $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.' ));
if ( !$update && username_exists( $user->user_login ) ) if ( !$update && username_exists( $user->user_login ) )
$errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' )); $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' ));
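Review bot: The new guard `isset( $_POST['user_login'] ) && !validate_username( $_POST['user_login'] )` skips the character check entirely when the field is absent from a create request, and the hunk shows no other test that a login was supplied. The two adjacent checks also read different values now: validity uses the raw `$_POST['user_login']`, while `username_exists()` uses `$user->user_login`, which is assigned outside the hunk. If no earlier line of `edit_user()` rejects an empty login, consider a separate `if ( !$update && empty( $user->user_login ) )` check with its own error ahead of this one. A comment such as `// Validate the raw submitted login so illegal characters are reported; $user->user_login may already be sanitized.` would explain why the two checks differ.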


@ -736,6 +736,7 @@ function sanitize_file_name( $filename ) {
function sanitize_user( $username, $strict = false ) { function sanitize_user( $username, $strict = false ) {
$raw_username = $username; $raw_username = $username;
$username = wp_strip_all_tags( $username ); $username = wp_strip_all_tags( $username );
$username = remove_accents( $username );
// Kill octets // Kill octets
$username = preg_replace( '|%([a-fA-F0-9][a-fA-F0-9])|', '', $username ); $username = preg_replace( '|%([a-fA-F0-9][a-fA-F0-9])|', '', $username );
$username = preg_replace( '/&.+?;/', '', $username ); // Kill entities $username = preg_replace( '/&.+?;/', '', $username ); // Kill entities
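Review bot: The added `remove_accents()` call sits at the top of `sanitize_user()`, above any branch on `$strict` that the hunk shows, so it appears to apply to every caller, including code that sanitizes a login before looking it up or comparing it. Whether a login already stored with accented characters still resolves afterwards depends on how the lookup compares strings (the database collation is not visible here), so that path deserves a test against existing accounts. The new line is also the only step in this run without a comment; `// Fold accented characters to their ASCII equivalents (strict and non-strict)` would match the neighbouring `// Kill octets`. The function body continues outside the hunk.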


@ -271,17 +271,18 @@ function reset_password($key, $login) {
function register_new_user( $user_login, $user_email ) { function register_new_user( $user_login, $user_email ) {
$errors = new WP_Error(); $errors = new WP_Error();
$user_login = sanitize_user( $user_login ); $sanitized_user_login = sanitize_user( $user_login );
$user_email = apply_filters( 'user_registration_email', $user_email ); $user_email = apply_filters( 'user_registration_email', $user_email );
// Check the username // Check the username
if ( $user_login == '' ) if ( $sanitized_user_login == '' ) {
$errors->add( 'empty_username', __( '<strong>ERROR</strong>: Please enter a username.' ) ); $errors->add( 'empty_username', __( '<strong>ERROR</strong>: Please enter a username.' ) );
elseif ( !validate_username( $user_login ) ) { } elseif ( ! validate_username( $user_login ) ) {
$errors->add('invalid_username', __('<strong>ERROR</strong>: This username is invalid. Please enter a valid username.')); $errors->add( 'invalid_username', __( '<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.' ) );
$user_login = ''; $sanitized_user_login = '';
} elseif ( username_exists( $user_login ) ) } elseif ( username_exists( $sanitized_user_login ) ) {
$errors->add( 'username_exists', __( '<strong>ERROR</strong>: This username is already registered, please choose another one.' ) ); $errors->add( 'username_exists', __( '<strong>ERROR</strong>: This username is already registered, please choose another one.' ) );
}
// Check the e-mail address // Check the e-mail address
if ( $user_email == '' ) { if ( $user_email == '' ) {
@ -289,18 +290,19 @@ function register_new_user($user_login, $user_email) {
} elseif ( ! is_email( $user_email ) ) { } elseif ( ! is_email( $user_email ) ) {
$errors->add( 'invalid_email', __( '<strong>ERROR</strong>: The email address isn&#8217;t correct.' ) ); $errors->add( 'invalid_email', __( '<strong>ERROR</strong>: The email address isn&#8217;t correct.' ) );
$user_email = ''; $user_email = '';
} elseif ( email_exists( $user_email ) ) } elseif ( email_exists( $user_email ) ) {
$errors->add( 'email_exists', __( '<strong>ERROR</strong>: This email is already registered, please choose another one.' ) ); $errors->add( 'email_exists', __( '<strong>ERROR</strong>: This email is already registered, please choose another one.' ) );
}
do_action('register_post', $user_login, $user_email, $errors); do_action( 'register_post', $sanitized_user_login, $user_email, $errors );
$errors = apply_filters( 'registration_errors', $errors, $user_login, $user_email ); $errors = apply_filters( 'registration_errors', $errors, $sanitized_user_login, $user_email );
if ( $errors->get_error_code() ) if ( $errors->get_error_code() )
return $errors; return $errors;
$user_pass = wp_generate_password(); $user_pass = wp_generate_password();
$user_id = wp_create_user( $user_login, $user_pass, $user_email ); $user_id = wp_create_user( $sanitized_user_login, $user_pass, $user_email );
if ( ! $user_id ) { if ( ! $user_id ) {
$errors->add( 'registerfail', sprintf( __( '<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !' ), get_option( 'admin_email' ) ) ); $errors->add( 'registerfail', sprintf( __( '<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !' ), get_option( 'admin_email' ) ) );
return $errors; return $errors;
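Review bot: After this change `register_new_user()` holds two versions of the login, and nothing marks that the unsanitized `$user_login` is meant only for `validate_username()`, while every lookup, hook and the `wp_create_user()` call must take `$sanitized_user_login`. A later edit that reaches for the shorter name would hand unsanitized input to storage or to plugin callbacks. A comment above the `sanitize_user()` call would pin this down: `// $user_login stays unsanitized and is used only for validate_username(); use $sanitized_user_login everywhere else.` Separately, `if ( ! $user_id )` would not catch a failure if `wp_create_user()` reports it as an error object rather than a falsy value; its return contract is not visible here, so confirm it. The function continues past the end of the hunk.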