Make WordPress Core


Ignore:
Timestamp:
11/13/2013 02:40:28 AM (11 years ago)
Author:
SergeyBiryukov
Message:

Use case-insensitive comparison for email addresses. fixes #25779.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/pluggable.php

    r26114 r26115  
    11421142    $user = get_userdata( $post->post_author );
    11431143    // Send to the administration and to the post author if the author can modify the comment.
    1144     $emails = array( get_option('admin_email') );
    1145     if ( user_can($user->ID, 'edit_comment', $comment_id) && !empty($user->user_email) && ( get_option('admin_email') != $user->user_email) )
    1146         $emails[] = $user->user_email;
     1144    $emails = array( get_option( 'admin_email' ) );
     1145    if ( user_can( $user->ID, 'edit_comment', $comment_id ) && ! empty( $user->user_email ) ) {
     1146        if ( 0 !== strcasecmp( $user->user_email, get_option( 'admin_email' ) ) )
     1147            $emails[] = $user->user_email;
     1148    }
    11471149
    11481150    $comment_author_domain = @gethostbyaddr($comment->comment_author_IP);
     
    12171219    // send a copy of password change notification to the admin
    12181220    // but check to see if it's the admin whose password we're changing, and skip this
    1219     if ( $user->user_email != get_option('admin_email') ) {
     1221    if ( 0 !== strcasecmp( $user->user_email, get_option( 'admin_email' ) ) ) {
    12201222        $message = sprintf(__('Password Lost and Changed for user: %s'), $user->user_login) . "\r\n";
    12211223        // The blogname option is escaped with esc_html on the way into the database in sanitize_option
Note: See TracChangeset for help on using the changeset viewer.