Ticket #39645: 39645.diff

wp-includes/user.php

@@ -2279 +2279 @@
         // Check the username
         if ( $sanitized_user_login == '' ) {
                 $errors->add( 'empty_username', __( '<strong>ERROR</strong>: Please enter a username.' ) );
+        } elseif ( $sanitized_user_login == 'admin' || $sanitized_user_login == 'Admin') {
+                // Don't let somebody fake an admin account
+                $errors->add( 'invalid_username', __( '<strong>ERROR</strong>: Cheatin&#8217; uh?' ) );
         } elseif ( ! validate_username( $user_login ) ) {
                 $errors->add( 'invalid_username', __( '<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.' ) );
                 $sanitized_user_login = '';
         } elseif ( username_exists( $sanitized_user_login ) ) {
                 $errors->add( 'username_exists', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' ) );
-
         } else {
                 /** This filter is documented in wp-includes/user.php */
                 $illegal_user_logins = array_map( 'strtolower', (array) apply_filters( 'illegal_user_logins', array() ) );