WordPress.org

Make WordPress Core

Ticket #15198: 15198.diff

File 15198.diff, 1.9 KB (added by duck_, 3 years ago)
  • wp-includes/formatting.php

     
    724724/** 
    725725 * Sanitize username stripping out unsafe characters. 
    726726 * 
    727  * If $strict is true, only alphanumeric characters (as well as _, space, ., -, 
    728  * @) are returned. 
    729  * Removes tags, octets, entities, and if strict is enabled, will remove all 
    730  * non-ASCII characters. After sanitizing, it passes the username, raw username 
    731  * (the username in the parameter), and the strict parameter as parameters for 
    732  * the filter. 
     727 * Removes tags, octets, entities, and if strict is enabled, will only keep 
     728 * alphanumeric, _, space, ., -, @. After sanitizing, it passes the username,  
     729 * raw username (the username in the parameter), and the value of $strict as 
     730 * parameters for the 'sanitize_user' filter. 
    733731 * 
    734732 * @since 2.0.0 
    735733 * @uses apply_filters() Calls 'sanitize_user' hook on username, raw username, 
     
    751749        if ( $strict ) 
    752750                $username = preg_replace( '|[^a-z0-9 _.\-@]|i', '', $username ); 
    753751 
     752        $username = trim( $username ); 
    754753        // Consolidate contiguous whitespace 
    755754        $username = preg_replace( '|\s+|', ' ', $username ); 
    756755 
     
    760759/** 
    761760 * Sanitize a string key. 
    762761 * 
    763  * Keys are used as internal identifiers. They should be lowercase ASCII.  Dashes and underscores are allowed. 
     762 * Keys are used as internal identifiers. Lowercase alphanumeric characters, dashes and underscores are allowed. 
    764763 * 
    765764 * @since 3.0.0 
    766765 * 
     
    769768 */ 
    770769function sanitize_key( $key ) { 
    771770        $raw_key = $key; 
    772  
    773         $key = preg_replace('|[^a-z0-9 _.\-@]|i', '', $key); 
    774  
    775         // Consolidate contiguous whitespace 
    776         $key = preg_replace('|\s+|', ' ', $key); 
    777  
    778         return apply_filters('sanitize_key', $key, $raw_key); 
     771        $key = strtolower( $key ); 
     772        $key = preg_replace( '/[^a-z0-9_\-]/', '', $key ); 
     773        return apply_filters( 'sanitize_key', $key, $raw_key ); 
    779774} 
    780775 
    781776/**