Index: wp-login.php
===================================================================
--- wp-login.php (revision 14375)
+++ wp-login.php (working copy)
@@ -271,16 +271,16 @@
function register_new_user($user_login, $user_email) {
$errors = new WP_Error();
- $user_login = sanitize_user( $user_login );
+ $sanitized_user_login = sanitize_user( $user_login );
$user_email = apply_filters( 'user_registration_email', $user_email );
// Check the username
- if ( $user_login == '' )
+ if ( $sanitized_user_login == '' )
$errors->add('empty_username', __('ERROR: Please enter a username.'));
elseif ( !validate_username( $user_login ) ) {
- $errors->add('invalid_username', __('ERROR: This username is invalid. Please enter a valid username.'));
- $user_login = '';
- } elseif ( username_exists( $user_login ) )
+ $errors->add('invalid_username', __('ERROR: This username is invalid because it uses characters illegal characters. Please enter a valid username.'));
+ $sanitized_user_login = '';
+ } elseif ( username_exists( $sanitized_user_login ) )
$errors->add('username_exists', __('ERROR: This username is already registered, please choose another one.'));
// Check the e-mail address
@@ -292,15 +292,15 @@
} elseif ( email_exists( $user_email ) )
$errors->add('email_exists', __('ERROR: This email is already registered, please choose another one.'));
- do_action('register_post', $user_login, $user_email, $errors);
+ do_action('register_post', $sanitized_user_login, $user_email, $errors);
- $errors = apply_filters( 'registration_errors', $errors, $user_login, $user_email );
+ $errors = apply_filters( 'registration_errors', $errors, $sanitized_user_login, $user_email );
if ( $errors->get_error_code() )
return $errors;
$user_pass = wp_generate_password();
- $user_id = wp_create_user( $user_login, $user_pass, $user_email );
+ $user_id = wp_create_user( $saitized_user_login, $user_pass, $user_email );
if ( !$user_id ) {
$errors->add('registerfail', sprintf(__('ERROR: Couldn’t register you... please contact the webmaster !'), get_option('admin_email')));
return $errors;
Index: wp-includes/formatting.php
===================================================================
--- wp-includes/formatting.php (revision 14375)
+++ wp-includes/formatting.php (working copy)
@@ -735,19 +735,20 @@
*/
function sanitize_user( $username, $strict = false ) {
$raw_username = $username;
- $username = wp_strip_all_tags($username);
+ $username = wp_strip_all_tags( $username );
+ $username = remove_accents( $username );
// Kill octets
- $username = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '', $username);
- $username = preg_replace('/&.+?;/', '', $username); // Kill entities
+ $username = preg_replace( '|%([a-fA-F0-9][a-fA-F0-9])|', '', $username );
+ $username = preg_replace( '/&.+?;/', '', $username ); // Kill entities
// If strict, reduce to ASCII for max portability.
if ( $strict )
- $username = preg_replace('|[^a-z0-9 _.\-@]|i', '', $username);
+ $username = preg_replace( '|[^a-z0-9 _.\-@]|i', '', $username );
// Consolidate contiguous whitespace
- $username = preg_replace('|\s+|', ' ', $username);
+ $username = preg_replace( '|\s+|', ' ', $username );
- return apply_filters('sanitize_user', $username, $raw_username, $strict);
+ return apply_filters( 'sanitize_user', $username, $raw_username, $strict );
}
/**
Index: wp-admin/includes/user.php
===================================================================
--- wp-admin/includes/user.php (revision 14375)
+++ wp-admin/includes/user.php (working copy)
@@ -158,8 +158,8 @@
if ( !empty( $pass1 ) )
$user->user_pass = $pass1;
- if ( !$update && !validate_username( $user->user_login ) )
- $errors->add( 'user_login', __( 'ERROR: This username is invalid. Please enter a valid username.' ));
+ if ( !$update && isset( $_POST['user_login'] ) && !validate_username( $_POST['user_login'] ) )
+ $errors->add( 'user_login', __( 'ERROR: This username is invalid because it uses characters illegal characters. Please enter a valid username.' ));
if ( !$update && username_exists( $user->user_login ) )
$errors->add( 'user_login', __( 'ERROR: This username is already registered. Please choose another one.' ));