Users: After [35189], make `'illegal_user_logins'` check case-insensitive.

Props juliobox. Fixes #27317. git-svn-id: https://develop.svn.wordpress.org/trunk@35629 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-12 16:29:45 +00:00 · 2015-11-12 16:29:45 +00:00 · 0cff629050
parent 571084e0e1
commit 0cff629050
4 changed files with 22 additions and 7 deletions
--- a/src/wp-admin/includes/user.php
+++ b/src/wp-admin/includes/user.php
@ -143,7 +143,9 @@ function edit_user( $user_id = 0 ) {
 		$errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' ));

 	/** This filter is documented in wp-includes/user-functions.php */
-	if ( in_array( $user->user_login, apply_filters( 'illegal_user_logins', array() ) ) ) {
+	$illegal_logins = apply_filters( 'illegal_user_logins', array() );
+
+	if ( in_array( strtolower( $user->user_login ), array_map( 'strtolower', $illegal_logins ) ) ) {
 		$errors->add( 'illegal_user_login', __( '<strong>ERROR</strong>: Sorry, that username is not allowed.' ) );
 	}

--- a/src/wp-includes/ms-functions.php
+++ b/src/wp-includes/ms-functions.php
@ -432,7 +432,9 @@ function wpmu_validate_user_signup($user_name, $user_email) {
 	}

 	/** This filter is documented in wp-includes/user-functions.php */
-	if ( in_array( $user_name, apply_filters( 'illegal_user_logins', array() ) ) ) {
+	$illegal_logins = apply_filters( 'illegal_user_logins', array() );
+
+	if ( in_array( strtolower( $user_name ), array_map( 'strtolower', $illegal_logins ) ) ) {
 		$errors->add( 'user_name',  __( 'Sorry, that username is not allowed.' ) );
 	}

--- a/src/wp-includes/user-functions.php
+++ b/src/wp-includes/user-functions.php
@ -1328,7 +1328,9 @@ function wp_insert_user( $userdata ) {
 	 *
 	 * @param array $usernames Array of blacklisted usernames.
 	 */
-	if ( in_array( $user_login, apply_filters( 'illegal_user_logins', array() ) ) ) {
+	$illegal_logins = apply_filters( 'illegal_user_logins', array() );
+
+	if ( in_array( strtolower( $user_login ), array_map( 'strtolower', $illegal_logins ) ) ) {
 		return new WP_Error( 'illegal_user_login', __( 'Sorry, that username is not allowed.' ) );
 	}

--- a/tests/phpunit/tests/user.php
+++ b/tests/phpunit/tests/user.php
@ -595,10 +595,11 @@ class Tests_User extends WP_UnitTestCase {

 	/**
 	 * @ticket 27317
+	 * @dataProvider _illegal_user_logins_data
 	 */
-	function test_illegal_user_logins_single() {
+	function test_illegal_user_logins_single( $user_login ) {
 		$user_data = array(
-			'user_login' => 'testuser',
+			'user_login' => $user_login,
 			'user_email' => 'testuser@example.com',
 			'user_pass'  => wp_generate_password(),
 		);
@ -618,14 +619,15 @@ class Tests_User extends WP_UnitTestCase {

 	/**
 	 * @ticket 27317
+	 * @dataProvider _illegal_user_logins_data
 	 */
-	function test_illegal_user_logins_multisite() {
+	function test_illegal_user_logins_multisite( $user_login ) {
 		if ( ! is_multisite() ) {
 			return;
 		}

 		$user_data = array(
-			'user_login' => 'testuser',
+			'user_login' => $user_login,
 			'user_email' => 'testuser@example.com',
 		);

@ -642,6 +644,13 @@ class Tests_User extends WP_UnitTestCase {
 		$this->assertEquals( 0, count( $response['errors']->get_error_codes() ) );
 	}

+	function _illegal_user_logins_data() {
+		return array(
+			array( 'testuser' ),
+			array( 'TestUser' ),
+		);
+	}
+
 	function _illegal_user_logins() {
 		return array( 'testuser' );
 	}