WordPress.org

Make WordPress Core

Ticket #21730: 21730.patch

File 21730.patch, 6.0 KB (added by boonebgorges, 20 months ago)
  • wp-includes/ms-functions.php

     
    361361// Admin functions 
    362362 
    363363/** 
     364 * Checks an email address against a list of allowed domains. 
     365 * 
     366 * This function checks agains the Limited Email Domains list 
     367 * at wp-admin/network/settings.php. The check is only run on 
     368 * self-registrations; user creation at wp-admin/network/users.php 
     369 * bypasses this check. 
     370 * 
     371 * @since 3.5 
     372 * 
     373 * @param string $user_email The email provided by the user at registration 
     374 * @return bool Returnsn true when the email address is allowed 
     375 */ 
     376function is_email_address_allowed( $user_email ) { 
     377        $is_allowed = true; 
     378        $limited_email_domains = get_site_option( 'limited_email_domains' ); 
     379        if ( is_array( $limited_email_domains ) && empty( $limited_email_domains ) == false ) { 
     380                $emaildomain = substr( $user_email, 1 + strpos( $user_email, '@' ) ); 
     381                if ( ! in_array( $emaildomain, $limited_email_domains ) ) { 
     382                        $is_allowed = false; 
     383                } 
     384        } 
     385 
     386        return apply_filters( 'is_email_address_allowed', $is_allowed ); 
     387} 
     388 
     389/** 
    364390 * Checks an email address against a list of banned domains. 
    365391 * 
    366392 * This function checks against the Banned Email Domains list 
     
    374400 * @return bool Returns true when the email address is banned. 
    375401 */ 
    376402function is_email_address_unsafe( $user_email ) { 
     403        $is_unsafe = false; 
    377404        $banned_names = get_site_option( 'banned_email_domains' ); 
    378405        if ($banned_names && !is_array( $banned_names )) 
    379406                $banned_names = explode( "\n", $banned_names); 
     
    390417                                        preg_match( $banned_domain, $email_domain ) 
    391418                                ) 
    392419                        ) 
    393                         return true; 
     420                                $is_unsafe = true; 
    394421                } 
    395422        } 
    396         return false; 
     423 
     424        return apply_filters( 'is_email_address_unsafe', $is_unsafe, $user_email ); 
    397425} 
    398426 
    399427/** 
     428 * Check to see whether an email address is usable for a WP user account 
     429 * 
     430 * This is a convenience function that wraps several disparate email validators 
     431 * throughout WordPress: 
     432 *   - check that an email address is well-formed 
     433 *   - check that the email domain has not been banned by the admin 
     434 *   - check that the email domain is on the whitelist, if one exists 
     435 *   - check that the email address isn't already in use 
     436 * 
     437 * @since 1.7 
     438 * @uses is_email() 
     439 * @uses is_email_address_unsafe() 
     440 * @uses is_email_address_allowed() 
     441 * @uses email_exists() 
     442 * 
     443 * @param string $user_email The email address to check 
     444 * @return bool|array True if the email passes all checks; otherwise an array 
     445 *   of error codes 
     446 */ 
     447function wp_validate_email_address( $user_email ) { 
     448        $errors = array(); 
     449 
     450        $user_email = sanitize_email( $user_email ); 
     451 
     452        if ( ! is_email( $user_email ) ) 
     453                $errors['invalid'] = 1; 
     454 
     455        if ( is_email_address_unsafe( $user_email ) ) 
     456                $errors['domain_banned'] = 1; 
     457 
     458        if ( ! is_email_address_allowed( $user_email ) ) 
     459                $errors['domain_not_allowed'] = 1; 
     460 
     461        if ( email_exists( $user_email ) ) 
     462                $errors['in_use'] = 1; 
     463 
     464        $retval = ! empty( $errors ) ? $errors : true; 
     465 
     466        return apply_filters( 'wp_validate_email_address', $retval, $user_email ); 
     467} 
     468/** 
    400469 * Processes new user registrations. 
    401470 * 
    402471 * Checks the data provided by the user during signup. Verifies 
     
    433502                $user_name = $orig_username; 
    434503        } 
    435504 
    436         $user_email = sanitize_email( $user_email ); 
    437  
    438505        if ( empty( $user_name ) ) 
    439506                $errors->add('user_name', __( 'Please enter a username.' ) ); 
    440507 
     
    446513        if ( in_array( $user_name, $illegal_names ) == true ) 
    447514                $errors->add('user_name',  __( 'That username is not allowed.' ) ); 
    448515 
    449         if ( is_email_address_unsafe( $user_email ) ) 
    450                 $errors->add('user_email',  __('You cannot use that email address to signup. We are having problems with them blocking some of our email. Please use another email provider.')); 
    451  
    452516        if ( strlen( $user_name ) < 4 ) 
    453517                $errors->add('user_name',  __( 'Username must be at least 4 characters.' ) ); 
    454518 
    455519        if ( strpos( ' ' . $user_name, '_' ) != false ) 
    456520                $errors->add( 'user_name', __( 'Sorry, usernames may not contain the character &#8220;_&#8221;!' ) ); 
    457521 
     522        // Check if the username has been used already. 
     523        if ( username_exists($user_name) ) 
     524                $errors->add('user_name', __('Sorry, that username already exists!')); 
     525 
    458526        // all numeric? 
    459527        $match = array(); 
    460528        preg_match( '/[0-9]*/', $user_name, $match ); 
    461529        if ( $match[0] == $user_name ) 
    462530                $errors->add('user_name', __('Sorry, usernames must have letters too!')); 
    463531 
    464         if ( !is_email( $user_email ) ) 
    465                 $errors->add('user_email', __( 'Please enter a correct email address.' ) ); 
     532        $email_check = wp_validate_email_address( $user_email ); 
    466533 
    467         $limited_email_domains = get_site_option( 'limited_email_domains' ); 
    468         if ( is_array( $limited_email_domains ) && empty( $limited_email_domains ) == false ) { 
    469                 $emaildomain = substr( $user_email, 1 + strpos( $user_email, '@' ) ); 
    470                 if ( in_array( $emaildomain, $limited_email_domains ) == false ) 
     534        if ( true !== $email_check ) { 
     535                if ( isset( $email_check['invalid'] ) ) 
     536                        $errors->add('user_email', __( 'Please enter a correct email address.' ) ); 
     537 
     538                if ( isset( $email_check['domain_banned'] ) ) 
     539                        $errors->add('user_email',  __('You cannot use that email address to signup. We are having problems with them blocking some of our email. Please use another email provider.')); 
     540 
     541                if ( isset( $email_check['domain_not_allowed'] ) ) 
    471542                        $errors->add('user_email', __('Sorry, that email address is not allowed!')); 
     543 
     544                if ( isset( $email_check['in_use'] ) ) 
     545                        $errors->add('user_email', __('Sorry, that email address is already used!')); 
    472546        } 
    473547 
    474         // Check if the username has been used already. 
    475         if ( username_exists($user_name) ) 
    476                 $errors->add('user_name', __('Sorry, that username already exists!')); 
    477  
    478         // Check if the email address has been used already. 
    479         if ( email_exists($user_email) ) 
    480                 $errors->add('user_email', __('Sorry, that email address is already used!')); 
    481  
    482548        // Has someone already signed up for this username? 
    483549        $signup = $wpdb->get_row( $wpdb->prepare("SELECT * FROM $wpdb->signups WHERE user_login = %s", $user_name) ); 
    484550        if ( $signup != null ) {