Ticket #27317: 27317.3.diff

src/wp-admin/includes/user.php

@@ -146 +146 @@
         $illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );
 
         if ( in_array( strtolower( $user->user_login ), array_map( 'strtolower', $illegal_logins ) ) ) {
-                $errors->add( 'illegal_user_login', __( '<strong>ERROR</strong>: Sorry, that username is not allowed.' ) );
+                $errors->add( 'invalid_username', __( '<strong>ERROR</strong>: Sorry, that username is not allowed.' ) );
         }
 
         /* checking email address */

src/wp-includes/user.php

@@ -1331 +1331 @@
         $illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );
 
         if ( in_array( strtolower( $user_login ), array_map( 'strtolower', $illegal_logins ) ) ) {
-                return new WP_Error( 'illegal_user_login', __( 'Sorry, that username is not allowed.' ) );
+                return new WP_Error( 'invalid_username', __( 'Sorry, that username is not allowed.' ) );
         }
 
         /*
@@ -2124 +2124 @@
                 $sanitized_user_login = '';
         } elseif ( username_exists( $sanitized_user_login ) ) {
                 $errors->add( 'username_exists', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' ) );
+
+        } else {
+                /** This filter is documented in wp-includes/user.php */
+                $illegal_user_logins = array_map( 'strtolower', (array) apply_filters( 'illegal_user_logins', array() ) );
+                if ( in_array( strtolower( $sanitized_user_login ), $illegal_user_logins ) ) {
+                        $errors->add( 'invalid_username', __( '<strong>ERROR</strong>: Sorry, that username is not allowed.' ) );
+                }
         }
 
         // Check the email address

tests/phpunit/tests/user.php

@@ -622 +622 @@
 
                 $response = wp_insert_user( $user_data );
                 $this->assertInstanceOf( 'WP_Error', $response );
-                $this->assertEquals( 'illegal_user_login', $response->get_error_code() );
+                $this->assertEquals( 'invalid_username', $response->get_error_code() );
 
                 remove_filter( 'illegal_user_logins', array( $this, '_illegal_user_logins' ) );
 
@@ -633 +633 @@
 
         /**
          * @ticket 27317
+         * @dataProvider _illegal_user_logins_data
+         */
+        function test_illegal_user_logins_single_wp_create_user( $user_login ) {
+                $user_email = 'testuser-' . $user_login . '@example.com';
+
+                add_filter( 'illegal_user_logins', array( $this, '_illegal_user_logins' ) );
+
+                $response = register_new_user( $user_login, $user_email );
+                $this->assertInstanceOf( 'WP_Error', $response );
+                $this->assertEquals( 'invalid_username', $response->get_error_code() );
+
+                remove_filter( 'illegal_user_logins', array( $this, '_illegal_user_logins' ) );
+
+                $response = register_new_user( $user_login, $user_email );
+                $user = get_user_by( 'id', $response );
+                $this->assertInstanceOf( 'WP_User', $user );
+        }
+
+
+        /**
+         * @ticket 27317
          */
         function test_illegal_user_logins_multisite() {
                 if ( ! is_multisite() ) {
@@ -658 +679 @@
         }
 
         function _illegal_user_logins_data() {
-                return array(
-                        array( 'testuser' ),
-                        array( 'TestUser' ),
+                $data = array(
+                        array( 'testuser' )
                 );
+
+                // Multisite doesn't allow mixed case logins ever
+                if ( ! is_multisite() ) {
+                        $data[] = array( 'TestUser' );
+                }
+                return $data;
         }
 
         function _illegal_user_logins() {