Multisite: Validate email before checking against banned domains.
Previously, an invalid email could result in an undefined index when attempting to determine the email domain. Props ocean90. See #39915. git-svn-id: https://develop.svn.wordpress.org/trunk@40594 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
parent
4678a2c00e
commit
3e9c46812c
@ -442,8 +442,11 @@ function wpmu_validate_user_signup($user_name, $user_email) {
|
|||||||
$errors->add( 'user_name', __( 'Sorry, that username is not allowed.' ) );
|
$errors->add( 'user_name', __( 'Sorry, that username is not allowed.' ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( is_email_address_unsafe( $user_email ) )
|
if ( ! is_email( $user_email ) ) {
|
||||||
$errors->add('user_email', __('You cannot use that email address to signup. We are having problems with them blocking some of our email. Please use another email provider.'));
|
$errors->add( 'user_email', __( 'Please enter a valid email address.' ) );
|
||||||
|
} elseif ( is_email_address_unsafe( $user_email ) ) {
|
||||||
|
$errors->add( 'user_email', __( 'You cannot use that email address to signup. We are having problems with them blocking some of our email. Please use another email provider.' ) );
|
||||||
|
}
|
||||||
|
|
||||||
if ( strlen( $user_name ) < 4 )
|
if ( strlen( $user_name ) < 4 )
|
||||||
$errors->add('user_name', __( 'Username must be at least 4 characters.' ) );
|
$errors->add('user_name', __( 'Username must be at least 4 characters.' ) );
|
||||||
@ -456,9 +459,6 @@ function wpmu_validate_user_signup($user_name, $user_email) {
|
|||||||
if ( preg_match( '/^[0-9]*$/', $user_name ) )
|
if ( preg_match( '/^[0-9]*$/', $user_name ) )
|
||||||
$errors->add('user_name', __('Sorry, usernames must have letters too!'));
|
$errors->add('user_name', __('Sorry, usernames must have letters too!'));
|
||||||
|
|
||||||
if ( !is_email( $user_email ) )
|
|
||||||
$errors->add('user_email', __( 'Please enter a valid email address.' ) );
|
|
||||||
|
|
||||||
$limited_email_domains = get_site_option( 'limited_email_domains' );
|
$limited_email_domains = get_site_option( 'limited_email_domains' );
|
||||||
if ( is_array( $limited_email_domains ) && ! empty( $limited_email_domains ) ) {
|
if ( is_array( $limited_email_domains ) && ! empty( $limited_email_domains ) ) {
|
||||||
$emaildomain = substr( $user_email, 1 + strpos( $user_email, '@' ) );
|
$emaildomain = substr( $user_email, 1 + strpos( $user_email, '@' ) );
|
||||||
|
@ -122,6 +122,41 @@ class Tests_Multisite_WpmuValidateUserSignup extends WP_UnitTestCase {
|
|||||||
$this->assertNotContains( 'user_email', $v['errors']->get_error_codes() );
|
$this->assertNotContains( 'user_email', $v['errors']->get_error_codes() );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function test_invalid_email_address_with_no_banned_domains_results_in_error() {
|
||||||
|
$valid = wpmu_validate_user_signup( 'validusername', 'invalid-email' );
|
||||||
|
|
||||||
|
$this->assertContains( 'user_email', $valid['errors']->get_error_codes() );
|
||||||
|
}
|
||||||
|
|
||||||
|
public function test_invalid_email_address_with_banned_domains_results_in_error() {
|
||||||
|
update_site_option( 'banned_email_domains', "bar.com" );
|
||||||
|
$valid = wpmu_validate_user_signup( 'validusername', 'invalid-email' );
|
||||||
|
delete_site_option( 'banned_email_domains' );
|
||||||
|
|
||||||
|
$this->assertContains( 'user_email', $valid['errors']->get_error_codes() );
|
||||||
|
}
|
||||||
|
|
||||||
|
public function test_incomplete_email_address_with_no_banned_domains_results_in_error() {
|
||||||
|
$valid = wpmu_validate_user_signup( 'validusername', 'incomplete@email' );
|
||||||
|
|
||||||
|
$this->assertContains( 'user_email', $valid['errors']->get_error_codes() );
|
||||||
|
}
|
||||||
|
|
||||||
|
public function test_valid_email_address_matching_banned_domain_results_in_error() {
|
||||||
|
update_site_option( 'banned_email_domains', "bar.com" );
|
||||||
|
$valid = wpmu_validate_user_signup( 'validusername', 'email@bar.com' );
|
||||||
|
delete_site_option( 'banned_email_domains' );
|
||||||
|
|
||||||
|
$this->assertContains( 'user_email', $valid['errors']->get_error_codes() );
|
||||||
|
}
|
||||||
|
|
||||||
|
public function test_valid_email_address_not_matching_banned_domain_returns_in_success() {
|
||||||
|
update_site_option( 'banned_email_domains', "bar.com" );
|
||||||
|
$valid = wpmu_validate_user_signup( 'validusername', 'email@example.com' );
|
||||||
|
delete_site_option( 'banned_email_domains' );
|
||||||
|
|
||||||
|
$this->assertNotContains( 'user_email', $valid['errors']->get_error_codes() );
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
endif;
|
endif;
|
||||||
|
Loading…
Reference in New Issue
Block a user