sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix user validation feedback. Props sivel. fixes #13162

Browse Source 
git-svn-id: https://develop.svn.wordpress.org/trunk@14428 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Ryan Boren 2010-05-03 23:46:42 +00:00
parent 1fc13e3b48
commit 56e95f24c5
3 changed files with 33 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
wp-admin/includes/user.php
View File

@ -158,8 +158,8 @@ function edit_user( $user_id = 0 ) {
if ( !empty( $pass1 ) ) if ( !empty( $pass1 ) )
$user->user_pass = $pass1; $user->user_pass = $pass1;
if ( !$update && !validate_username( $user->user_login ) ) if ( !$update && isset( $_POST['user_login'] ) && !validate_username( $_POST['user_login'] ) )
$errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid. Please enter a valid username.' )); $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.' ));
if ( !$update && username_exists( $user->user_login ) ) if ( !$update && username_exists( $user->user_login ) )
$errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' )); $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' ));

13
wp-includes/formatting.php
View File

@ -735,19 +735,20 @@ function sanitize_file_name( $filename ) {
*/ */
function sanitize_user( $username, $strict = false ) { function sanitize_user( $username, $strict = false ) {
$raw_username = $username; $raw_username = $username;
$username = wp_strip_all_tags($username); $username = wp_strip_all_tags( $username );
$username = remove_accents( $username );
// Kill octets // Kill octets
$username = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '', $username); $username = preg_replace( '|%([a-fA-F0-9][a-fA-F0-9])|', '', $username );
$username = preg_replace('/&.+?;/', '', $username); // Kill entities $username = preg_replace( '/&.+?;/', '', $username ); // Kill entities
// If strict, reduce to ASCII for max portability. // If strict, reduce to ASCII for max portability.
if ( $strict ) if ( $strict )
$username = preg_replace('|[^a-z0-9 _.\-@]|i', '', $username); $username = preg_replace( '|[^a-z0-9 _.\-@]|i', '', $username );
// Consolidate contiguous whitespace // Consolidate contiguous whitespace
$username = preg_replace('|\s+|', ' ', $username); $username = preg_replace( '|\s+|', ' ', $username );
return apply_filters('sanitize_user', $username, $raw_username, $strict); return apply_filters( 'sanitize_user', $username, $raw_username, $strict );
} }
/** /**

46
wp-login.php
View File

@ -268,47 +268,49 @@ function reset_password($key, $login) {
* @param string $user_email User's email address to send password and add * @param string $user_email User's email address to send password and add
* @return int|WP_Error Either user's ID or error on failure. * @return int|WP_Error Either user's ID or error on failure.
*/ */
function register_new_user($user_login, $user_email) { function register_new_user( $user_login, $user_email ) {
$errors = new WP_Error(); $errors = new WP_Error();
$user_login = sanitize_user( $user_login ); $sanitized_user_login = sanitize_user( $user_login );
$user_email = apply_filters( 'user_registration_email', $user_email ); $user_email = apply_filters( 'user_registration_email', $user_email );
// Check the username // Check the username
if ( $user_login == '' ) if ( $sanitized_user_login == '' ) {
$errors->add('empty_username', __('<strong>ERROR</strong>: Please enter a username.')); $errors->add( 'empty_username', __( '<strong>ERROR</strong>: Please enter a username.' ) );
elseif ( !validate_username( $user_login ) ) { } elseif ( ! validate_username( $user_login ) ) {
$errors->add('invalid_username', __('<strong>ERROR</strong>: This username is invalid. Please enter a valid username.')); $errors->add( 'invalid_username', __( '<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.' ) );
$user_login = ''; $sanitized_user_login = '';
} elseif ( username_exists( $user_login ) ) } elseif ( username_exists( $sanitized_user_login ) ) {
$errors->add('username_exists', __('<strong>ERROR</strong>: This username is already registered, please choose another one.')); $errors->add( 'username_exists', __( '<strong>ERROR</strong>: This username is already registered, please choose another one.' ) );
}
// Check the e-mail address // Check the e-mail address
if ($user_email == '') { if ( $user_email == '' ) {
$errors->add('empty_email', __('<strong>ERROR</strong>: Please type your e-mail address.')); $errors->add( 'empty_email', __( '<strong>ERROR</strong>: Please type your e-mail address.' ) );
} elseif ( !is_email( $user_email ) ) { } elseif ( ! is_email( $user_email ) ) {
$errors->add('invalid_email', __('<strong>ERROR</strong>: The email address isn&#8217;t correct.')); $errors->add( 'invalid_email', __( '<strong>ERROR</strong>: The email address isn&#8217;t correct.' ) );
$user_email = ''; $user_email = '';
} elseif ( email_exists( $user_email ) ) } elseif ( email_exists( $user_email ) ) {
$errors->add('email_exists', __('<strong>ERROR</strong>: This email is already registered, please choose another one.')); $errors->add( 'email_exists', __( '<strong>ERROR</strong>: This email is already registered, please choose another one.' ) );
}
do_action('register_post', $user_login, $user_email, $errors); do_action( 'register_post', $sanitized_user_login, $user_email, $errors );
$errors = apply_filters( 'registration_errors', $errors, $user_login, $user_email ); $errors = apply_filters( 'registration_errors', $errors, $sanitized_user_login, $user_email );
if ( $errors->get_error_code() ) if ( $errors->get_error_code() )
return $errors; return $errors;
$user_pass = wp_generate_password(); $user_pass = wp_generate_password();
$user_id = wp_create_user( $user_login, $user_pass, $user_email ); $user_id = wp_create_user( $sanitized_user_login, $user_pass, $user_email );
if ( !$user_id ) { if ( ! $user_id ) {
$errors->add('registerfail', sprintf(__('<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !'), get_option('admin_email'))); $errors->add( 'registerfail', sprintf( __( '<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !' ), get_option( 'admin_email' ) ) );
return $errors; return $errors;
} }
update_user_option($user_id, 'default_password_nag', true, true); //Set up the Password change nag. update_user_option( $user_id, 'default_password_nag', true, true ); //Set up the Password change nag.
wp_new_user_notification($user_id, $user_pass); wp_new_user_notification( $user_id, $user_pass );
return $user_id; return $user_id;
} }