From 788973ffb2beff9ef5fe78998ace853ef9152ba9 Mon Sep 17 00:00:00 2001 From: Andrew Nacin Date: Sat, 31 Aug 2013 04:35:15 +0000 Subject: [PATCH] Case insensitivity for is_email_address_unsafe(). props jkudish. fixes #25046. git-svn-id: https://develop.svn.wordpress.org/trunk@25197 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/ms-functions.php | 7 +++++-- tests/phpunit/tests/ms.php | 17 ++++++++++++++++- 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/src/wp-includes/ms-functions.php b/src/wp-includes/ms-functions.php index 7ac4f56ab2..d74da8fc8f 100644 --- a/src/wp-includes/ms-functions.php +++ b/src/wp-includes/ms-functions.php @@ -379,7 +379,10 @@ function is_email_address_unsafe( $user_email ) { $is_email_address_unsafe = false; if ( $banned_names && is_array( $banned_names ) ) { - list( $email_local_part, $email_domain ) = explode( '@', $user_email ); + $banned_names = array_map( 'strtolower', $banned_names ); + $normalized_email = strtolower( $user_email ); + + list( $email_local_part, $email_domain ) = explode( '@', $normalized_email ); foreach ( $banned_names as $banned_domain ) { if ( ! $banned_domain ) @@ -391,7 +394,7 @@ function is_email_address_unsafe( $user_email ) { } $dotted_domain = ".$banned_domain"; - if ( $dotted_domain === substr( $user_email, -strlen( $dotted_domain ) ) ) { + if ( $dotted_domain === substr( $normalized_email, -strlen( $dotted_domain ) ) ) { $is_email_address_unsafe = true; break; } diff --git a/tests/phpunit/tests/ms.php b/tests/phpunit/tests/ms.php index 43fa94ed60..73bda9e55e 100644 --- a/tests/phpunit/tests/ms.php +++ b/tests/phpunit/tests/ms.php @@ -827,7 +827,7 @@ class Tests_MS extends WP_UnitTestCase { /** * @ticket 21570 */ - function test_is_email_address_unsafe() { + function test_aggressiveness_of_is_email_address_unsafe() { update_site_option( 'banned_email_domains', array( 'bar.com', 'foo.co' ) ); foreach ( array( 'test@bar.com', 'test@foo.bar.com', 'test@foo.co', 'test@subdomain.foo.co' ) as $email_address ) { @@ -839,6 +839,21 @@ class Tests_MS extends WP_UnitTestCase { } } + /** + * @ticket 25046 + */ + function test_case_sensitivity_of_is_email_address_unsafe() { + update_site_option( 'banned_email_domains', array( 'baR.com', 'Foo.co', 'barfoo.COM', 'BAZ.com' ) ); + + foreach ( array( 'test@Bar.com', 'tEst@bar.com', 'test@barFoo.com', 'tEst@foo.bar.com', 'test@baz.Com' ) as $email_address ) { + $this->assertTrue( is_email_address_unsafe( $email_address ), "$email_address should be UNSAFE" ); + } + + foreach ( array( 'test@Foobar.com', 'test@Foo-bar.com', 'tEst@foobar.com', 'test@Subdomain.Foo.com', 'test@fooBAz.com' ) as $email_address ) { + $this->assertFalse( is_email_address_unsafe( $email_address ), "$email_address should be SAFE" ); + } + + } /** * @ticket 21552 * @ticket 23418