sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Case insensitivity for is_email_address_unsafe().

Browse Source 
props jkudish.
fixes #25046.


git-svn-id: https://develop.svn.wordpress.org/trunk@25197 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Andrew Nacin 2013-08-31 04:35:15 +00:00
parent d25d2a812b
commit 788973ffb2
2 changed files with 21 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/wp-includes/ms-functions.php
View File

@ -379,7 +379,10 @@ function is_email_address_unsafe( $user_email ) {
$is_email_address_unsafe = false; $is_email_address_unsafe = false;
if ( $banned_names && is_array( $banned_names ) ) { if ( $banned_names && is_array( $banned_names ) ) {
list( $email_local_part, $email_domain ) = explode( '@', $user_email ); $banned_names = array_map( 'strtolower', $banned_names );
$normalized_email = strtolower( $user_email );
list( $email_local_part, $email_domain ) = explode( '@', $normalized_email );
foreach ( $banned_names as $banned_domain ) { foreach ( $banned_names as $banned_domain ) {
if ( ! $banned_domain ) if ( ! $banned_domain )
@ -391,7 +394,7 @@ function is_email_address_unsafe( $user_email ) {
} }
$dotted_domain = ".$banned_domain"; $dotted_domain = ".$banned_domain";
if ( $dotted_domain === substr( $user_email, -strlen( $dotted_domain ) ) ) { if ( $dotted_domain === substr( $normalized_email, -strlen( $dotted_domain ) ) ) {
$is_email_address_unsafe = true; $is_email_address_unsafe = true;
break; break;
} }

17
tests/phpunit/tests/ms.php
View File

@ -827,7 +827,7 @@ class Tests_MS extends WP_UnitTestCase {
/** /**
* @ticket 21570 * @ticket 21570
*/ */
function test_is_email_address_unsafe() { function test_aggressiveness_of_is_email_address_unsafe() {
update_site_option( 'banned_email_domains', array( 'bar.com', 'foo.co' ) ); update_site_option( 'banned_email_domains', array( 'bar.com', 'foo.co' ) );
foreach ( array( 'test@bar.com', 'test@foo.bar.com', 'test@foo.co', 'test@subdomain.foo.co' ) as $email_address ) { foreach ( array( 'test@bar.com', 'test@foo.bar.com', 'test@foo.co', 'test@subdomain.foo.co' ) as $email_address ) {
@ -839,6 +839,21 @@ class Tests_MS extends WP_UnitTestCase {
} }
} }
/**
* @ticket 25046
*/
function test_case_sensitivity_of_is_email_address_unsafe() {
update_site_option( 'banned_email_domains', array( 'baR.com', 'Foo.co', 'barfoo.COM', 'BAZ.com' ) );
foreach ( array( 'test@Bar.com', 'tEst@bar.com', 'test@barFoo.com', 'tEst@foo.bar.com', 'test@baz.Com' ) as $email_address ) {
$this->assertTrue( is_email_address_unsafe( $email_address ), "$email_address should be UNSAFE" );
}
foreach ( array( 'test@Foobar.com', 'test@Foo-bar.com', 'tEst@foobar.com', 'test@Subdomain.Foo.com', 'test@fooBAz.com' ) as $email_address ) {
$this->assertFalse( is_email_address_unsafe( $email_address ), "$email_address should be SAFE" );
}
}
/** /**
* @ticket 21552 * @ticket 21552
* @ticket 23418 * @ticket 23418