Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Login and Registration: Allow email logins to be more flexible. 

Allows a login to have an apostorphe. Which would normally be created as a mistake, but this allows the login to happen.

Fixes #38744
Props wpkuf, desrosj, socalchristina, bibliofille, santilinwp, nsubugak, sncoker, cafenoirdesign, whyisjake.


Built from https://develop.svn.wordpress.org/trunk@46640


git-svn-id: http://core.svn.wordpress.org/trunk@46440 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
whyisjake 2019-11-03 20:12:02 +00:00
parent 44db7e4f6f
commit a87271af60
4 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-admin/includes/user.php
View File

@ -41,7 +41,7 @@ function edit_user( $user_id = 0 ) {
}
if ( ! $update && isset( $_POST['user_login'] ) ) {
$user->user_login = sanitize_user( $_POST['user_login'], true );
$user->user_login = sanitize_user( wp_unslash( $_POST['user_login'] ), true );
}
$pass1 = '';

2
wp-includes/user.php
View File

@ -35,7 +35,7 @@ function wp_signon( $credentials = array(), $secure_cookie = '' ) {
$credentials = array(); // Back-compat for plugins passing an empty string.
if ( ! empty( $_POST['log'] ) ) {
$credentials['user_login'] = $_POST['log'];
$credentials['user_login'] = wp_unslash( $_POST['log'] );
}
if ( ! empty( $_POST['pwd'] ) ) {
$credentials['user_password'] = $_POST['pwd'];

2
wp-includes/version.php
View File

@ -13,7 +13,7 @@
*
* @global string $wp_version
*/
$wp_version = '5.4-alpha-46638';
$wp_version = '5.4-alpha-46640';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.

4
wp-login.php
View File

@ -1032,7 +1032,7 @@ switch ( $action ) {
if ( $http_post ) {
if ( isset( $_POST['user_login'] ) && is_string( $_POST['user_login'] ) ) {
$user_login = $_POST['user_login'];
$user_login = wp_unslash( $_POST['user_login'] );
}
if ( isset( $_POST['user_email'] ) && is_string( $_POST['user_email'] ) ) {
@ -1150,7 +1150,7 @@ switch ( $action ) {
// If the user wants SSL but the session is not SSL, force a secure cookie.
if ( ! empty( $_POST['log'] ) && ! force_ssl_admin() ) {
$user_name = sanitize_user( $_POST['log'] );
$user_name = sanitize_user( wp_unslash( $_POST['log'] ) );
$user = get_user_by( 'login', $user_name );
if ( ! $user && strpos( $user_name, '@' ) ) {