WordPress.org

Make WordPress Core

Ticket #33793: 33793.3.diff

File 33793.3.diff, 3.7 KB (added by dipesh.kakadiya, 4 years ago)

extra check added for length of user_nicename in wp_insert_user()

  • src/wp-admin/includes/schema.php

     
    186186  ID bigint(20) unsigned NOT NULL auto_increment,
    187187  user_login varchar(60) NOT NULL default '',
    188188  user_pass varchar(64) NOT NULL default '',
    189   user_nicename varchar(50) NOT NULL default '',
     189  user_nicename varchar(60) NOT NULL default '',
    190190  user_email varchar(100) NOT NULL default '',
    191191  user_url varchar(100) NOT NULL default '',
    192192  user_registered datetime NOT NULL default '0000-00-00 00:00:00',
  • src/wp-admin/includes/user.php

     
    503503
    504504Please click the following link to activate your user account:
    505505%%s' ), get_bloginfo( 'name' ), home_url(), wp_specialchars_decode( translate_user_role( $role['name'] ) ) );
    506 }
    507  No newline at end of file
     506}
  • src/wp-admin/network/user-new.php

     
    8989        <table class="form-table">
    9090                <tr class="form-field form-required">
    9191                        <th scope="row"><label for="username"><?php _e( 'Username' ) ?></label></th>
    92                         <td><input type="text" class="regular-text" name="user[username]" id="username" autocapitalize="none" autocorrect="off" /></td>
     92                        <td><input type="text" class="regular-text" name="user[username]" id="username" autocapitalize="none" autocorrect="off" maxlength="60" /></td>
    9393                </tr>
    9494                <tr class="form-field form-required">
    9595                        <th scope="row"><label for="email"><?php _e( 'Email' ) ?></label></th>
  • src/wp-admin/user-new.php

     
    375375<table class="form-table">
    376376        <tr class="form-field form-required">
    377377                <th scope="row"><label for="user_login"><?php _e('Username'); ?> <span class="description"><?php _e('(required)'); ?></span></label></th>
    378                 <td><input name="user_login" type="text" id="user_login" value="<?php echo esc_attr( $new_user_login ); ?>" aria-required="true" autocapitalize="none" autocorrect="off" /></td>
     378                <td><input name="user_login" type="text" id="user_login" value="<?php echo esc_attr( $new_user_login ); ?>" aria-required="true" autocapitalize="none" autocorrect="off" maxlength="60" /></td>
    379379        </tr>
    380380        <tr class="form-field form-required">
    381381                <th scope="row"><label for="email"><?php _e('Email'); ?> <span class="description"><?php _e('(required)'); ?></span></label></th>
  • src/wp-includes/user-functions.php

     
    12521252                return new WP_Error( 'existing_user_login', __( 'Sorry, that username already exists!' ) );
    12531253        }
    12541254
     1255        if ( strlen( $user_login ) > 60 )
     1256                return new WP_Error( 'user_login', __( 'Please enter a username less than 60 characters.' ) );
     1257
    12551258        // If a nicename is provided, remove unsafe user characters before
    12561259        // using it. Otherwise build a nicename from the user_login.
    12571260        if ( ! empty( $userdata['user_nicename'] ) ) {
     
    12601263                $user_nicename = $user_login;
    12611264        }
    12621265
     1266        if ( strlen( $user_nicename ) > 60 )
     1267                return new WP_Error( 'user_nicename', __( 'Please enter a nicename less than 60 characters.' ) );
     1268
    12631269        $user_nicename = sanitize_title( $user_nicename );
    12641270
    12651271        // Store values to save in user meta.