sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use 'invalid_username' error code when tripping 'illegal_user_logins'.

Browse Source 
This gives us better compatibility with existing errors thrown by
`sanitize_user()`, especially in Multisite, where user_login has more
restrictions on allowed characters.

Props markjaquith.
Fixes #27317.

git-svn-id: https://develop.svn.wordpress.org/trunk@35772 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Boone Gorges 2015-12-04 23:24:56 +00:00
parent 6825c7226e
commit a1f89f4e86
3 changed files with 38 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/wp-admin/includes/user.php
View File

@ -146,7 +146,7 @@ function edit_user( $user_id = 0 ) {
$illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );
if ( in_array( strtolower( $user->user_login ), array_map( 'strtolower', $illegal_logins ) ) ) {
$errors->add( 'illegal_user_login', __( '<strong>ERROR</strong>: Sorry, that username is not allowed.' ) );
$errors->add( 'invalid_username', __( '<strong>ERROR</strong>: Sorry, that username is not allowed.' ) );
}
/* checking email address */

9
src/wp-includes/user.php
View File

@ -1331,7 +1331,7 @@ function wp_insert_user( $userdata ) {
$illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );
if ( in_array( strtolower( $user_login ), array_map( 'strtolower', $illegal_logins ) ) ) {
return new WP_Error( 'illegal_user_login', __( 'Sorry, that username is not allowed.' ) );
return new WP_Error( 'invalid_username', __( 'Sorry, that username is not allowed.' ) );
}
/*
@ -2124,6 +2124,13 @@ function register_new_user( $user_login, $user_email ) {
$sanitized_user_login = '';
} elseif ( username_exists( $sanitized_user_login ) ) {
$errors->add( 'username_exists', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' ) );
} else {
/** This filter is documented in wp-includes/user.php */
$illegal_user_logins = array_map( 'strtolower', (array) apply_filters( 'illegal_user_logins', array() ) );
if ( in_array( strtolower( $sanitized_user_login ), $illegal_user_logins ) ) {
$errors->add( 'invalid_username', __( '<strong>ERROR</strong>: Sorry, that username is not allowed.' ) );
}
}
// Check the email address

33
tests/phpunit/tests/user.php
View File

@ -622,7 +622,7 @@ class Tests_User extends WP_UnitTestCase {
$response = wp_insert_user( $user_data );
$this->assertInstanceOf( 'WP_Error', $response );
$this->assertEquals( 'illegal_user_login', $response->get_error_code() );
$this->assertEquals( 'invalid_username', $response->get_error_code() );
remove_filter( 'illegal_user_logins', array( $this, '_illegal_user_logins' ) );
@ -631,6 +631,26 @@ class Tests_User extends WP_UnitTestCase {
$this->assertInstanceOf( 'WP_User', $user );
}
/**
* @ticket 27317
* @dataProvider _illegal_user_logins_data
*/
function test_illegal_user_logins_single_wp_create_user( $user_login ) {
$user_email = 'testuser-' . $user_login . '@example.com';
add_filter( 'illegal_user_logins', array( $this, '_illegal_user_logins' ) );
$response = register_new_user( $user_login, $user_email );
$this->assertInstanceOf( 'WP_Error', $response );
$this->assertEquals( 'invalid_username', $response->get_error_code() );
remove_filter( 'illegal_user_logins', array( $this, '_illegal_user_logins' ) );
$response = register_new_user( $user_login, $user_email );
$user = get_user_by( 'id', $response );
$this->assertInstanceOf( 'WP_User', $user );
}
/**
* @ticket 27317
*/
@ -658,10 +678,15 @@ class Tests_User extends WP_UnitTestCase {
}
function _illegal_user_logins_data() {
return array(
array( 'testuser' ),
array( 'TestUser' ),
$data = array(
array( 'testuser' )
);
// Multisite doesn't allow mixed case logins ever
if ( ! is_multisite() ) {
$data[] = array( 'TestUser' );
}
return $data;
}
function _illegal_user_logins() {