Ticket #27317: 27317.4.patch
File 27317.4.patch, 5.4 KB (added by , 9 years ago) |
---|
-
src/wp-admin/includes/user.php
142 142 $errors->add( 'pass', __( '<strong>ERROR</strong>: Passwords may not contain the character "\\".' ), array( 'form-field' => 'pass1' ) ); 143 143 144 144 /* checking the password has been typed twice the same */ 145 if ( $pass1 != $pass2 ) 145 if ( $pass1 != $pass2 ) { 146 146 $errors->add( 'pass', __( '<strong>ERROR</strong>: Please enter the same password in the two password fields.' ), array( 'form-field' => 'pass1' ) ); 147 } 147 148 148 149 if ( !empty( $pass1 ) ) 149 150 $user->user_pass = $pass1; 150 151 151 if ( !$update && isset( $_POST['user_login'] ) && !validate_username( $_POST['user_login'] ) ) 152 $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.' )); 152 if ( !$update && isset( $_POST['user_login'] ) && !validate_username( $_POST['user_login'] ) ) { 153 $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.' ) ); 154 } 153 155 154 if ( !$update && username_exists( $user->user_login ) ) 156 if ( !$update && username_exists( $user->user_login ) ) { 155 157 $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' )); 158 } 156 159 160 /** 161 * Filter which allows usernames to be blacklisted 162 * 163 * @since 4.4.0 164 * 165 * @param array array() Array of blacklisted usernames 166 */ 167 if ( in_array( $user->user_login, apply_filters( 'illegal_user_logins', array() ) ) ) { 168 $errors->add( 'illegal_user_login', __( "Sorry, that username is not allowed." ) ); 169 } 170 157 171 /* checking email address */ 158 172 if ( empty( $user->user_email ) ) { 159 173 $errors->add( 'empty_email', __( '<strong>ERROR</strong>: Please enter an email address.' ), array( 'form-field' => 'email' ) ); -
src/wp-includes/ms-functions.php
488 488 if ( in_array( $user_name, $illegal_names ) ) 489 489 $errors->add('user_name', __( 'That username is not allowed.' ) ); 490 490 491 if ( in_array( $user_name, apply_filters( 'illegal_user_logins', array() ) ) ) { 492 $errors->add('user_name', __( 'That username is not allowed.' ) ); 493 } 494 491 495 if ( is_email_address_unsafe( $user_email ) ) 492 496 $errors->add('user_email', __('You cannot use that email address to signup. We are having problems with them blocking some of our email. Please use another email provider.')); 493 497 -
src/wp-includes/user-functions.php
1292 1292 return new WP_Error( 'existing_user_login', __( 'Sorry, that username already exists!' ) ); 1293 1293 } 1294 1294 1295 /** 1296 * Defined in /wp-admin/includes/user.php 1297 */ 1298 if ( in_array( $user_login, apply_filters( 'illegal_user_logins', array() ) ) ) { 1299 $return new WP_Error( 'illegal_user_login', __( "Sorry, that username is not allowed." ) ); 1300 } 1301 1295 1302 /* 1296 1303 * If a nicename is provided, remove unsafe user characters before using it. 1297 1304 * Otherwise build a nicename from the user_login. -
tests/phpunit/tests/user.php
596 596 if ( ! defined( 'WP_IMPORTING' ) ) { 597 597 $this->assertWPError( $return ); 598 598 } 599 } 600 601 /** 602 * @ticket 27317 603 */ 604 function test_illegal_user_logins_single() { 605 606 $user_data = array( 607 'user_login' => 'testuser', 608 'user_email' => 'testuser@example.com', 609 'user_pass' => wp_generate_password(), 610 ); 611 612 add_filter( 'illegal_user_logins', array( $this, '_illegal_user_logins' ) ); 613 614 $response = wp_insert_user( $user_data ); 615 $this->assertInstanceOf( 'WP_Error', $response ); 616 $this->assertEquals( 'illegal_user_login', $response->get_error_code() ); 617 618 remove_filter( 'illegal_user_logins', array( $this, '_illegal_user_logins' ) ); 619 620 $user_id = wp_insert_user( $user_data ); 621 $user = get_user_by( 'id', $user_id ); 622 $this->assertInstanceOf( 'WP_User', $user ); 623 } 624 625 /** 626 * @ticket 27317 627 */ 628 function test_illegal_user_logins_multisite() { 629 630 if ( ! is_multisite() ) { 631 return; 599 632 } 633 634 $user_data = array( 635 'user_login' => 'testuser', 636 'user_email' => 'testuser@example.com', 637 ); 638 639 add_filter( 'illegal_user_logins', array( $this, '_illegal_user_logins' ) ); 640 641 $response = wpmu_validate_user_signup( $user_data['user_login'], $user_data['user_email'] ); 642 $this->assertInstanceOf( 'WP_Error', $response['errors'] ); 643 $this->assertEquals( 'user_name', $response['errors']->get_error_code() ); 644 645 remove_filter( 'illegal_user_logins', array( $this, '_illegal_user_logins' ) ); 646 647 $response = wpmu_validate_user_signup( $user_data['user_login'], $user_data['user_email'] ); 648 $this->assertInstanceOf( 'WP_Error', $response['errors'] ); 649 $this->assertEquals( 0, count( $response['errors']->get_error_codes() ) ); 600 650 } 601 651 652 function _illegal_user_logins() { 653 return array( 'testuser' ); 654 } 655 602 656 /** 603 657 * @ticket 29696 604 658 */