WordPress.org

Make WordPress Core

Ticket #21730: 21730.patch

File 21730.patch, 6.0 KB (added by boonebgorges, 8 years ago)

  • wp-includes/ms-functions.php

     
    361361// Admin functions
    362362
    363363/**
     364 * Checks an email address against a list of allowed domains.
     365 *
     366 * This function checks agains the Limited Email Domains list
     367 * at wp-admin/network/settings.php. The check is only run on
     368 * self-registrations; user creation at wp-admin/network/users.php
     369 * bypasses this check.
     370 *
     371 * @since 3.5
     372 *
     373 * @param string $user_email The email provided by the user at registration
     374 * @return bool Returnsn true when the email address is allowed
     375 */
     376function is_email_address_allowed( $user_email ) {
     377        $is_allowed = true;
     378        $limited_email_domains = get_site_option( 'limited_email_domains' );
     379        if ( is_array( $limited_email_domains ) && empty( $limited_email_domains ) == false ) {
     380                $emaildomain = substr( $user_email, 1 + strpos( $user_email, '@' ) );
     381                if ( ! in_array( $emaildomain, $limited_email_domains ) ) {
     382                        $is_allowed = false;
     383                }
     384        }
     385
     386        return apply_filters( 'is_email_address_allowed', $is_allowed );
     387}
     388
     389/**
    364390 * Checks an email address against a list of banned domains.
    365391 *
    366392 * This function checks against the Banned Email Domains list
     
    374400 * @return bool Returns true when the email address is banned.
    375401 */
    376402function is_email_address_unsafe( $user_email ) {
     403        $is_unsafe = false;
    377404        $banned_names = get_site_option( 'banned_email_domains' );
    378405        if ($banned_names && !is_array( $banned_names ))
    379406                $banned_names = explode( "\n", $banned_names);
     
    390417                                        preg_match( $banned_domain, $email_domain )
    391418                                )
    392419                        )
    393                         return true;
     420                                $is_unsafe = true;
    394421                }
    395422        }
    396         return false;
     423
     424        return apply_filters( 'is_email_address_unsafe', $is_unsafe, $user_email );
    397425}
    398426
    399427/**
     428 * Check to see whether an email address is usable for a WP user account
     429 *
     430 * This is a convenience function that wraps several disparate email validators
     431 * throughout WordPress:
     432 *   - check that an email address is well-formed
     433 *   - check that the email domain has not been banned by the admin
     434 *   - check that the email domain is on the whitelist, if one exists
     435 *   - check that the email address isn't already in use
     436 *
     437 * @since 1.7
     438 * @uses is_email()
     439 * @uses is_email_address_unsafe()
     440 * @uses is_email_address_allowed()
     441 * @uses email_exists()
     442 *
     443 * @param string $user_email The email address to check
     444 * @return bool|array True if the email passes all checks; otherwise an array
     445 *   of error codes
     446 */
     447function wp_validate_email_address( $user_email ) {
     448        $errors = array();
     449
     450        $user_email = sanitize_email( $user_email );
     451
     452        if ( ! is_email( $user_email ) )
     453                $errors['invalid'] = 1;
     454
     455        if ( is_email_address_unsafe( $user_email ) )
     456                $errors['domain_banned'] = 1;
     457
     458        if ( ! is_email_address_allowed( $user_email ) )
     459                $errors['domain_not_allowed'] = 1;
     460
     461        if ( email_exists( $user_email ) )
     462                $errors['in_use'] = 1;
     463
     464        $retval = ! empty( $errors ) ? $errors : true;
     465
     466        return apply_filters( 'wp_validate_email_address', $retval, $user_email );
     467}
     468/**
    400469 * Processes new user registrations.
    401470 *
    402471 * Checks the data provided by the user during signup. Verifies
     
    433502                $user_name = $orig_username;
    434503        }
    435504
    436         $user_email = sanitize_email( $user_email );
    437 
    438505        if ( empty( $user_name ) )
    439506                $errors->add('user_name', __( 'Please enter a username.' ) );
    440507
     
    446513        if ( in_array( $user_name, $illegal_names ) == true )
    447514                $errors->add('user_name',  __( 'That username is not allowed.' ) );
    448515
    449         if ( is_email_address_unsafe( $user_email ) )
    450                 $errors->add('user_email',  __('You cannot use that email address to signup. We are having problems with them blocking some of our email. Please use another email provider.'));
    451 
    452516        if ( strlen( $user_name ) < 4 )
    453517                $errors->add('user_name',  __( 'Username must be at least 4 characters.' ) );
    454518
    455519        if ( strpos( ' ' . $user_name, '_' ) != false )
    456520                $errors->add( 'user_name', __( 'Sorry, usernames may not contain the character &#8220;_&#8221;!' ) );
    457521
     522        // Check if the username has been used already.
     523        if ( username_exists($user_name) )
     524                $errors->add('user_name', __('Sorry, that username already exists!'));
     525
    458526        // all numeric?
    459527        $match = array();
    460528        preg_match( '/[0-9]*/', $user_name, $match );
    461529        if ( $match[0] == $user_name )
    462530                $errors->add('user_name', __('Sorry, usernames must have letters too!'));
    463531
    464         if ( !is_email( $user_email ) )
    465                 $errors->add('user_email', __( 'Please enter a correct email address.' ) );
     532        $email_check = wp_validate_email_address( $user_email );
    466533
    467         $limited_email_domains = get_site_option( 'limited_email_domains' );
    468         if ( is_array( $limited_email_domains ) && empty( $limited_email_domains ) == false ) {
    469                 $emaildomain = substr( $user_email, 1 + strpos( $user_email, '@' ) );
    470                 if ( in_array( $emaildomain, $limited_email_domains ) == false )
     534        if ( true !== $email_check ) {
     535                if ( isset( $email_check['invalid'] ) )
     536                        $errors->add('user_email', __( 'Please enter a correct email address.' ) );
     537
     538                if ( isset( $email_check['domain_banned'] ) )
     539                        $errors->add('user_email',  __('You cannot use that email address to signup. We are having problems with them blocking some of our email. Please use another email provider.'));
     540
     541                if ( isset( $email_check['domain_not_allowed'] ) )
    471542                        $errors->add('user_email', __('Sorry, that email address is not allowed!'));
     543
     544                if ( isset( $email_check['in_use'] ) )
     545                        $errors->add('user_email', __('Sorry, that email address is already used!'));
    472546        }
    473547
    474         // Check if the username has been used already.
    475         if ( username_exists($user_name) )
    476                 $errors->add('user_name', __('Sorry, that username already exists!'));
    477 
    478         // Check if the email address has been used already.
    479         if ( email_exists($user_email) )
    480                 $errors->add('user_email', __('Sorry, that email address is already used!'));
    481 
    482548        // Has someone already signed up for this username?
    483549        $signup = $wpdb->get_row( $wpdb->prepare("SELECT * FROM $wpdb->signups WHERE user_login = %s", $user_name) );
    484550        if ( $signup != null ) {