diff --git a/wp-admin/install.php b/wp-admin/install.php
index 99c78b64ef..f106378021 100644
--- a/wp-admin/install.php
+++ b/wp-admin/install.php
@@ -164,11 +164,11 @@ $wpdb->query("INSERT INTO $wpdb->posts (post_author, post_date, post_date_gmt, p
 $wpdb->query( "INSERT INTO $wpdb->post2cat (`rel_id`, `post_id`, `category_id`) VALUES (1, 1, 1)" );
 // Default comment
-$wpdb->query("INSERT INTO $wpdb->comments (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content) VALUES ('1', '".addslashes(__('Mr WordPress'))."', '', 'http://wordpress.org', '127.0.0.1', '$now', '$now_gmt', '".addslashes(__('Hi, this is a comment.
To delete a comment, just log in, and view the posts\' comments, there you will have the option to edit or delete them.'))."')");
+$wpdb->query("INSERT INTO $wpdb->comments (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_date, comment_date_gmt, comment_content) VALUES ('1', '".addslashes(__('Mr WordPress'))."', '', 'http://wordpress.org', '$now', '$now_gmt', '".addslashes(__('Hi, this is a comment.
To delete a comment, just log in, and view the posts\' comments, there you will have the option to edit or delete them.'))."')");
 // Set up admin user
 $random_password = substr(md5(uniqid(microtime())), 0, 6);
-$wpdb->query("INSERT INTO $wpdb->users (ID, user_login, user_pass, user_nickname, user_email, user_level, user_idmode, user_registered) VALUES ( '1', 'admin', MD5('$random_password'), '".addslashes(__('Administrator'))."', '$admin_email', '10', 'nickname', NOW() )");
+$wpdb->query("INSERT INTO $wpdb->users (ID, user_login, user_pass, user_email, user_level, user_registered) VALUES ( '1', 'admin', MD5('$random_password'), '$admin_email', '10', NOW() )");
 $message_headers = 'From: ' . stripslashes($_POST['weblog_title']) . ' ';
 $message = sprintf(__("Your new WordPress blog has been successfully set up at:
diff --git a/wp-admin/profile.php b/wp-admin/profile.php
index 4c4d6150c9..69495a5333 100644
--- a/wp-admin/profile.php
+++ b/wp-admin/profile.php
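Review bot: The `'Administrator'` nickname is dropped from the users INSERT, but nothing in this hunk writes it to the usermeta store that profile.php and user-edit.php now fill through update_user_meta, so the admin account is created without a nickname if get_userdata now reads it from meta. Consider following the users INSERT with `update_user_meta( 1, 'nickname', __('Administrator') );`, assuming update_user_meta is loaded at install time. The removed comment_author_IP column only changes what the seed comment records and looks intentional.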
@@ -84,7 +84,16 @@ case 'update':
 $newuser_idmode = wp_specialchars($_POST['newuser_idmode']);
 $user_description = $_POST['user_description'];
- $result = $wpdb->query("UPDATE $wpdb->users SET user_firstname='$newuser_firstname', $updatepassword user_lastname='$newuser_lastname', user_nickname='$newuser_nickname', user_icq='$newuser_icq', user_email='$newuser_email', user_url='$newuser_url', user_aim='$newuser_aim', user_msn='$newuser_msn', user_yim='$newuser_yim', user_idmode='$newuser_idmode', user_description = '$user_description', user_nicename = '$newuser_nicename' WHERE ID = $user_ID");
+ $result = $wpdb->query("UPDATE $wpdb->users SET $updatepassword user_email='$newuser_email', user_url='$newuser_url', user_nicename = '$newuser_nicename' WHERE ID = $user_ID");
+
+ update_user_meta( $user_ID, 'first_name', $newuser_firstname );
+ update_user_meta( $user_ID, 'last_name', $newuser_lastname );
+ update_user_meta( $user_ID, 'nickname', $newuser_nickname );
+ update_user_meta( $user_ID, 'description', $user_description );
+ update_user_meta( $user_ID, 'icq', $newuser_icq );
+ update_user_meta( $user_ID, 'aim', $newuser_aim );
+ update_user_meta( $user_ID, 'msn', $newuser_msn );
+ update_user_meta( $user_ID, 'yim', $newuser_yim );
 do_action('profile_update', $user_ID);
diff --git a/wp-admin/user-edit.php b/wp-admin/user-edit.php
index c32542819c..f6a63bf073 100644
--- a/wp-admin/user-edit.php
+++ b/wp-admin/user-edit.php
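Review bot: `$user_description = $_POST['user_description'];` on the context line is raw request input and is now handed straight to `update_user_meta( $user_ID, 'description', $user_description )`, while the other seven values come from variables that were presumably prepared for the old SQL UPDATE above the hunk (`wp_specialchars` is visible for `$newuser_idmode`); whether update_user_meta escapes its value is not visible here, so either the description is stored unescaped or the rest are escaped twice. Settle on one contract — pass unprepared values and let update_user_meta escape, or prepare all eight the same way — and state it in a comment at the call site, e.g. `// update_user_meta escapes; pass raw form values` once confirmed. The eight near-identical calls would also read better as a loop over a key => value array, as would the matching block in user-edit.php. The `case 'update'` block continues outside the hunk.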
@@ -66,7 +66,16 @@ $new_url = preg_match('/^(https?|ftps?|mailto|news|gopher):/is', $new_ur
 $new_idmode = wp_specialchars($_POST['new_idmode']);
 $new_description = $_POST['new_description'];
-$result = $wpdb->query("UPDATE $wpdb->users SET user_login = '$new_user_login', user_firstname = '$new_firstname', $updatepassword user_lastname='$new_lastname', user_nickname='$new_nickname', user_icq='$new_icq', user_email='$new_email', user_url='$new_url', user_aim='$new_aim', user_msn='$new_msn', user_yim='$new_yim', user_idmode='$new_idmode', user_description = '$new_description', user_nicename = '$new_nicename' WHERE ID = $user_id");
+$result = $wpdb->query("UPDATE $wpdb->users SET user_login = '$new_user_login', $updatepassword user_email='$new_email', user_url='$new_url', user_nicename = '$new_nicename' WHERE ID = '$user_id'");
+
+update_user_meta( $user_ID, 'first_name', $new_firstname );
+update_user_meta( $user_ID, 'last_name', $new_lastname );
+update_user_meta( $user_ID, 'nickname', $new_nickname );
+update_user_meta( $user_ID, 'description', $new_description );
+update_user_meta( $user_ID, 'icq', $new_icq );
+update_user_meta( $user_ID, 'aim', $new_aim );
+update_user_meta( $user_ID, 'msn', $new_msn );
+update_user_meta( $user_ID, 'yim', $new_yim );
 header("Location: user-edit.php?user_id=$user_id&updated=true");
diff --git a/wp-admin/users.php b/wp-admin/users.php
index fb0fd4f8e1..19261f1c10 100644
--- a/wp-admin/users.php
+++ b/wp-admin/users.php
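Review bot: The eight update_user_meta calls write to `$user_ID` while the UPDATE on the line above targets `WHERE ID = '$user_id'`; PHP variable names are case-sensitive, so unless both happen to hold the same value (not visible here) the edited user's first_name, last_name, nickname, description, icq, aim, msn and yim land on a different account — presumably the logged-in user. Use `$user_id` throughout, and writing the eight calls as one loop keeps the id in a single place. `$new_description = $_POST['new_description'];` on the context line is still raw input and, unlike the wp_specialchars-treated `$new_idmode`, reaches storage untouched unless update_user_meta escapes it — confirm that contract before merging.
```php
$result = $wpdb->query("UPDATE $wpdb->users SET user_login = '$new_user_login', $updatepassword user_email='$new_email', user_url='$new_url', user_nicename = '$new_nicename' WHERE ID = '$user_id'");

// Profile fields now live in usermeta; key them by the user being edited ($user_id), not the current user.
$meta = array(
	'first_name'  => $new_firstname,
	'last_name'   => $new_lastname,
	'nickname'    => $new_nickname,
	'description' => $new_description,
	'icq'         => $new_icq,
	'aim'         => $new_aim,
	'msn'         => $new_msn,
	'yim'         => $new_yim,
);
foreach ( $meta as $key => $value )
	update_user_meta( $user_id, $key, $value );

// … unchanged: redirect header …
```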
@@ -69,9 +69,9 @@ case 'adduser':
 $new_users_can_blog = get_settings('new_users_can_blog');
 $result = $wpdb->query("INSERT INTO $wpdb->users
- (user_login, user_pass, user_nickname, user_email, user_ip, user_domain, user_browser, user_registered, user_level, user_idmode, user_firstname, user_lastname, user_nicename, user_url)
+ (user_login, user_pass, user_email, user_registered, user_level, user_nicename, user_url)
 VALUES
- ('$user_login', MD5('$pass1'), '$user_nickname', '$user_email', '$user_ip', '$user_domain', '$user_browser', '$now', '$new_users_can_blog', 'nickname', '$user_firstname', '$user_lastname', '$user_nicename', '$user_uri')");
+ ('$user_login', MD5('$pass1'), '$user_email', '$now', '$new_users_can_blog', '$user_nicename', '$user_uri')");
 if ($result == false) die (__('ERROR: Couldn’t register you!'));
diff --git a/wp-includes/functions-formatting.php b/wp-includes/functions-formatting.php
index e66afe26f3..8eee3da77b 100644
--- a/wp-includes/functions-formatting.php
+++ b/wp-includes/functions-formatting.php
@@ -265,6 +265,10 @@ function remove_accents($string) {
 return $string;
 }
+function sanitize_user( $username ) {
+ return preg_replace('|a-z0-9 _.-|i', '', $username);
+}
+
 function sanitize_title($title, $fallback_title = '') {
 $title = strip_tags($title);
 $title = apply_filters('sanitize_title', $title);
diff --git a/wp-includes/pluggable-functions.php b/wp-includes/pluggable-functions.php
index 3220c8b440..3288401b5b 100644
--- a/wp-includes/pluggable-functions.php
+++ b/wp-includes/pluggable-functions.php
@@ -58,7 +58,7 @@ endif;
 if ( !function_exists('get_userdatabylogin') ) :
 function get_userdatabylogin($user_login) {
 global $cache_userdata, $wpdb;
- $user_login = addslashes( $user_login );
+ $user_login = sanitize_user( $user_login );
 if ( empty( $user_login ) ) return false;
 if ( isset( $cache_userdata[$user_login] ) )
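Review bot: `$user_nickname`, `$user_firstname` and `$user_lastname` are removed from the INSERT column list but, unlike profile.php and user-edit.php in this same commit, nothing in the hunk writes them to usermeta, so the values the adduser form collected are silently discarded. After a successful insert, add the matching calls — `update_user_meta( <new user id>, 'nickname', $user_nickname );` plus first_name and last_name — using the id of the row just inserted (`$wpdb->insert_id`, if this wpdb exposes it). Dropping `$user_ip`, `$user_domain` and `$user_browser` looks intentional. The `case 'adduser'` block continues outside the hunk.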
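Review bot: The pattern `'|a-z0-9 _.-|i'` has no character class and no negation, so preg_replace removes only the literal substring `a-z0-9 _.-` and leaves every other character — quotes, spaces, control characters — in the username; the function therefore sanitizes nothing, which matters because get_userdatabylogin now calls it in place of addslashes and wp-register.php feeds its result into a query before escaping. The intended allow-list is `return preg_replace('|[^a-z0-9 _.-]|i', '', $username);`. The same missing brackets appear in wp-login.php's `'/a-z0-9/i'`. Add a docblock stating that the function strips characters outside the allowed set and is not a substitute for `$wpdb->escape` at SQL call sites.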
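Review bot: Replacing `addslashes( $user_login )` with `sanitize_user( $user_login )` removes the only escaping this value received before it is used as the `$cache_userdata` key and, presumably, interpolated into the lookup query below the hunk; sanitize_user as written in functions-formatting.php does not strip quotes, so this is a regression rather than a tightening. Keep the escape and sanitize on top of it: `$user_login = addslashes( sanitize_user( $user_login ) );`, or use `$wpdb->escape` since `$wpdb` is already declared global here. get_userdatabylogin continues outside the hunk.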
diff --git a/wp-includes/template-functions-author.php b/wp-includes/template-functions-author.php
index d2ae36bbd0..ee83e82578 100644
--- a/wp-includes/template-functions-author.php
+++ b/wp-includes/template-functions-author.php
@@ -156,10 +156,11 @@ function wp_list_authors($args = '') {
 function list_authors($optioncount = false, $exclude_admin = true, $show_fullname = false, $hide_empty = true, $feed = '', $feed_image = '') {
 global $wpdb;
- $query = "SELECT ID, user_nickname, user_firstname, user_lastname, user_nicename from $wpdb->users " . ($exclude_admin ? "WHERE user_login <> 'admin' " : '') . "ORDER BY user_nickname";
+ $query = "SELECT ID, user_nicename from $wpdb->users " . ($exclude_admin ? "WHERE user_login <> 'admin' " : '') . "ORDER BY display_name";
 $authors = $wpdb->get_results($query);
 foreach($authors as $author) {
+ $author = get_userdata( $author->ID );
 $posts = get_usernumposts($author->ID);
 $name = $author->user_nickname;
diff --git a/wp-login.php b/wp-login.php
index dafa1e8dda..1322f34581 100644
--- a/wp-login.php
+++ b/wp-login.php
@@ -121,7 +121,7 @@ break;
 case 'resetpass' :
 // Generate something random for a password... md5'ing current time with a rand salt
- $key = $_GET['key'];
+ $key = preg_replace('/a-z0-9/i', '', $_GET['key']);
 if ( empty($key) ) die( __('Sorry, that key does not appear to be valid.') );
 $user = $wpdb->get_row("SELECT * FROM $wpdb->users WHERE user_activation_key = '$key'");
diff --git a/wp-register.php b/wp-register.php
index d6662da1bf..b84ca36c00 100644
--- a/wp-register.php
+++ b/wp-register.php
@@ -26,13 +26,11 @@ switch($action) {
 case 'register':
- $user_login = $_POST['user_login'];
+ $user_login = sanitize_user( $_POST['user_login'] );
 $user_email = $_POST['user_email'];
- /* checking that username has been typed */
- if ($user_login == '') {
+ if ( $user_login == '' )
 die (__('ERROR: Please enter a username.'));
- }
 /* checking e-mail address */
 if ($user_email == '') {
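Review bot: The new query orders by `display_name`, a column that is neither selected nor added to the users table anywhere in this commit, so confirm the schema actually has it before merging. Reassigning the loop variable with `$author = get_userdata( $author->ID );` issues one extra lookup per author and makes the `user_nicename` fetched by the SELECT dead, and the context line `$name = $author->user_nickname;` now depends on get_userdata exposing the nickname under that property now that user_nickname is no longer inserted (install.php, users.php) — if it does not, every author is listed with an empty name. A distinct name such as `$userdata = get_userdata( $author->ID );` would make the substitution visible to the reader. list_authors continues outside the hunk.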
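Review bot: `$key` is interpolated unescaped into `WHERE user_activation_key = '$key'` on the last context line, and the new `preg_replace('/a-z0-9/i', '', $_GET['key'])` does not constrain it: without brackets and `^` the pattern only deletes the literal text `a-z0-9`, so quotes and everything else survive (the same mistake as sanitize_user in functions-formatting.php). The key is presumably an alphanumeric token, so the line should read `$key = preg_replace('/[^a-z0-9]/i', '', $_GET['key']);`, and the SELECT should still go through `$wpdb->escape` rather than relying on the allow-list alone. The `case 'resetpass'` block continues outside the hunk.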
@@ -41,19 +39,16 @@ case 'register':
 die (__('ERROR: The email address isn’t correct.'));
 }
- /* checking the username isn't already used by another user */
- $result = $wpdb->get_results("SELECT user_login FROM $wpdb->users WHERE user_login = '$user_login'");
- if (count($result) >= 1) {
+ if ( $result = $wpdb->get_row("SELECT user_login FROM $wpdb->users WHERE user_login = '$user_login'") )
 die (__('ERROR: This username is already registered, please choose another one.'));
- }
 $user_ip = $_SERVER['REMOTE_ADDR'] ;
 $user_browser = $wpdb->escape($_SERVER['HTTP_USER_AGENT']);
- $user_login = $wpdb->escape( preg_replace('|a-z0-9 _.-|i', '', $user_login) );
+ $user_login = $wpdb->escape( sanitize_user($user_login) ) );
 $user_nickname = $user_login;
- $user_nicename = sanitize_title($user_nickname);
+ $user_nicename = sanitize_title($user_nickname);
 $now = gmdate('Y-m-d H:i:s');
 $user_level = get_settings('new_users_can_blog');
 $password = substr( md5( uniqid( microtime() ) ), 0, 7);
diff --git a/wp-settings.php b/wp-settings.php
index 7ba1d07c38..686e259fca 100644
--- a/wp-settings.php
+++ b/wp-settings.php
@@ -52,6 +52,8 @@ $wpdb->usermeta = $table_prefix . 'usermeta';
 if ( defined('CUSTOM_USER_TABLE') ) $wpdb->users = CUSTOM_USER_TABLE;
+if ( defined('CUSTOM_USER_META_TABLE') )
+ $wpdb->usermeta = CUSTOM_USER_META_TABLE;
 // We're going to need to keep this around for a few months even though we're not using it internally
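Review bot: `$user_login = $wpdb->escape( sanitize_user($user_login) ) );` has one closing parenthesis too many, so wp-register.php no longer parses. Above it, the duplicate check `$wpdb->get_row("... WHERE user_login = '$user_login'")` interpolates `$user_login` before that escape line runs, and at that point the value has only been through sanitize_user from the previous hunk, which as written strips nothing; escape before the lookup (`$user_login = $wpdb->escape( sanitize_user( $user_login ) );` placed ahead of the get_row) and drop the second, redundant sanitize_user call. `if ( $result = $wpdb->get_row(...) )` assigns a `$result` that nothing else in the hunk reads — `if ( $wpdb->get_row(...) )` says the same without the assignment-in-condition. The `- $user_nicename` / `+ $user_nicename` pair differs only in whitespace.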