Changeset 23416 for trunk/wp-admin/user-new.php
- Timestamp:
- 02/14/2013 10:51:06 PM (12 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-admin/user-new.php
r23412 r23416 113 113 } else { 114 114 // Adding a new user to this blog 115 $user_details = wpmu_validate_user_signup( $_REQUEST[ 'user_login' ], $_REQUEST[ 'email' ]);115 $user_details = wpmu_validate_user_signup( wp_unslash( $_REQUEST[ 'user_login' ] ), wp_unslash( $_REQUEST[ 'email' ] ) ); 116 116 if ( is_wp_error( $user_details[ 'errors' ] ) && !empty( $user_details[ 'errors' ]->errors ) ) { 117 117 $add_user_errors = $user_details[ 'errors' ]; 118 118 } else { 119 $new_user_login = apply_filters('pre_user_login', sanitize_user( stripslashes($_REQUEST['user_login']), true));119 $new_user_login = apply_filters('pre_user_login', sanitize_user( wp_unslash( $_REQUEST['user_login'] ), true ) ); 120 120 if ( isset( $_POST[ 'noconfirmation' ] ) && is_super_admin() ) { 121 121 add_filter( 'wpmu_signup_user_notification', '__return_false' ); // Disable confirmation email 122 122 } 123 wpmu_signup_user( $new_user_login, $_REQUEST[ 'email' ], array( 'add_to_blog' => $wpdb->blogid, 'new_role' => $_REQUEST[ 'role' ] ) );123 wpmu_signup_user( $new_user_login, wp_unslash( $_REQUEST[ 'email' ] ), array( 'add_to_blog' => $wpdb->blogid, 'new_role' => $_REQUEST[ 'role' ] ) ); 124 124 if ( isset( $_POST[ 'noconfirmation' ] ) && is_super_admin() ) { 125 125 $key = $wpdb->get_var( $wpdb->prepare( "SELECT activation_key FROM {$wpdb->signups} WHERE user_login = %s AND user_email = %s", $new_user_login, $_REQUEST[ 'email' ] ) ); … … 310 310 if( isset( $_POST['createuser'] ) ) { 311 311 if ( ! isset($$var) ) 312 $$var = isset( $_POST[$post_field] ) ? stripslashes( $_POST[$post_field] ) : '';312 $$var = isset( $_POST[$post_field] ) ? wp_unslash( $_POST[$post_field] ) : ''; 313 313 } else { 314 314 $$var = false;
Note: See TracChangeset
for help on using the changeset viewer.