Ticket #21730: 21730.patch
File 21730.patch, 6.0 KB (added by , 9 years ago) |
---|
-
wp-includes/ms-functions.php
361 361 // Admin functions 362 362 363 363 /** 364 * Checks an email address against a list of allowed domains. 365 * 366 * This function checks agains the Limited Email Domains list 367 * at wp-admin/network/settings.php. The check is only run on 368 * self-registrations; user creation at wp-admin/network/users.php 369 * bypasses this check. 370 * 371 * @since 3.5 372 * 373 * @param string $user_email The email provided by the user at registration 374 * @return bool Returnsn true when the email address is allowed 375 */ 376 function is_email_address_allowed( $user_email ) { 377 $is_allowed = true; 378 $limited_email_domains = get_site_option( 'limited_email_domains' ); 379 if ( is_array( $limited_email_domains ) && empty( $limited_email_domains ) == false ) { 380 $emaildomain = substr( $user_email, 1 + strpos( $user_email, '@' ) ); 381 if ( ! in_array( $emaildomain, $limited_email_domains ) ) { 382 $is_allowed = false; 383 } 384 } 385 386 return apply_filters( 'is_email_address_allowed', $is_allowed ); 387 } 388 389 /** 364 390 * Checks an email address against a list of banned domains. 365 391 * 366 392 * This function checks against the Banned Email Domains list … … 374 400 * @return bool Returns true when the email address is banned. 375 401 */ 376 402 function is_email_address_unsafe( $user_email ) { 403 $is_unsafe = false; 377 404 $banned_names = get_site_option( 'banned_email_domains' ); 378 405 if ($banned_names && !is_array( $banned_names )) 379 406 $banned_names = explode( "\n", $banned_names); … … 390 417 preg_match( $banned_domain, $email_domain ) 391 418 ) 392 419 ) 393 returntrue;420 $is_unsafe = true; 394 421 } 395 422 } 396 return false; 423 424 return apply_filters( 'is_email_address_unsafe', $is_unsafe, $user_email ); 397 425 } 398 426 399 427 /** 428 * Check to see whether an email address is usable for a WP user account 429 * 430 * This is a convenience function that wraps several disparate email validators 431 * throughout WordPress: 432 * - check that an email address is well-formed 433 * - check that the email domain has not been banned by the admin 434 * - check that the email domain is on the whitelist, if one exists 435 * - check that the email address isn't already in use 436 * 437 * @since 1.7 438 * @uses is_email() 439 * @uses is_email_address_unsafe() 440 * @uses is_email_address_allowed() 441 * @uses email_exists() 442 * 443 * @param string $user_email The email address to check 444 * @return bool|array True if the email passes all checks; otherwise an array 445 * of error codes 446 */ 447 function wp_validate_email_address( $user_email ) { 448 $errors = array(); 449 450 $user_email = sanitize_email( $user_email ); 451 452 if ( ! is_email( $user_email ) ) 453 $errors['invalid'] = 1; 454 455 if ( is_email_address_unsafe( $user_email ) ) 456 $errors['domain_banned'] = 1; 457 458 if ( ! is_email_address_allowed( $user_email ) ) 459 $errors['domain_not_allowed'] = 1; 460 461 if ( email_exists( $user_email ) ) 462 $errors['in_use'] = 1; 463 464 $retval = ! empty( $errors ) ? $errors : true; 465 466 return apply_filters( 'wp_validate_email_address', $retval, $user_email ); 467 } 468 /** 400 469 * Processes new user registrations. 401 470 * 402 471 * Checks the data provided by the user during signup. Verifies … … 433 502 $user_name = $orig_username; 434 503 } 435 504 436 $user_email = sanitize_email( $user_email );437 438 505 if ( empty( $user_name ) ) 439 506 $errors->add('user_name', __( 'Please enter a username.' ) ); 440 507 … … 446 513 if ( in_array( $user_name, $illegal_names ) == true ) 447 514 $errors->add('user_name', __( 'That username is not allowed.' ) ); 448 515 449 if ( is_email_address_unsafe( $user_email ) )450 $errors->add('user_email', __('You cannot use that email address to signup. We are having problems with them blocking some of our email. Please use another email provider.'));451 452 516 if ( strlen( $user_name ) < 4 ) 453 517 $errors->add('user_name', __( 'Username must be at least 4 characters.' ) ); 454 518 455 519 if ( strpos( ' ' . $user_name, '_' ) != false ) 456 520 $errors->add( 'user_name', __( 'Sorry, usernames may not contain the character “_”!' ) ); 457 521 522 // Check if the username has been used already. 523 if ( username_exists($user_name) ) 524 $errors->add('user_name', __('Sorry, that username already exists!')); 525 458 526 // all numeric? 459 527 $match = array(); 460 528 preg_match( '/[0-9]*/', $user_name, $match ); 461 529 if ( $match[0] == $user_name ) 462 530 $errors->add('user_name', __('Sorry, usernames must have letters too!')); 463 531 464 if ( !is_email( $user_email ) ) 465 $errors->add('user_email', __( 'Please enter a correct email address.' ) ); 532 $email_check = wp_validate_email_address( $user_email ); 466 533 467 $limited_email_domains = get_site_option( 'limited_email_domains' ); 468 if ( is_array( $limited_email_domains ) && empty( $limited_email_domains ) == false ) { 469 $emaildomain = substr( $user_email, 1 + strpos( $user_email, '@' ) ); 470 if ( in_array( $emaildomain, $limited_email_domains ) == false ) 534 if ( true !== $email_check ) { 535 if ( isset( $email_check['invalid'] ) ) 536 $errors->add('user_email', __( 'Please enter a correct email address.' ) ); 537 538 if ( isset( $email_check['domain_banned'] ) ) 539 $errors->add('user_email', __('You cannot use that email address to signup. We are having problems with them blocking some of our email. Please use another email provider.')); 540 541 if ( isset( $email_check['domain_not_allowed'] ) ) 471 542 $errors->add('user_email', __('Sorry, that email address is not allowed!')); 543 544 if ( isset( $email_check['in_use'] ) ) 545 $errors->add('user_email', __('Sorry, that email address is already used!')); 472 546 } 473 547 474 // Check if the username has been used already.475 if ( username_exists($user_name) )476 $errors->add('user_name', __('Sorry, that username already exists!'));477 478 // Check if the email address has been used already.479 if ( email_exists($user_email) )480 $errors->add('user_email', __('Sorry, that email address is already used!'));481 482 548 // Has someone already signed up for this username? 483 549 $signup = $wpdb->get_row( $wpdb->prepare("SELECT * FROM $wpdb->signups WHERE user_login = %s", $user_name) ); 484 550 if ( $signup != null ) {