WordPress.org

Make WordPress Core

Changeset 2632


Ignore:
Timestamp:
06/12/2005 11:14:52 PM (15 years ago)
Author:
matt
Message:

More user updates

Location:
trunk
Files:
10 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/install.php

    r2570 r2632  
    165165
    166166// Default comment
    167 $wpdb->query("INSERT INTO $wpdb->comments (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content) VALUES ('1', '".addslashes(__('Mr WordPress'))."', '', 'http://wordpress.org', '127.0.0.1', '$now', '$now_gmt', '".addslashes(__('Hi, this is a comment.<br />To delete a comment, just log in, and view the posts\' comments, there you will have the option to edit or delete them.'))."')");
     167$wpdb->query("INSERT INTO $wpdb->comments (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_date, comment_date_gmt, comment_content) VALUES ('1', '".addslashes(__('Mr WordPress'))."', '', 'http://wordpress.org', '$now', '$now_gmt', '".addslashes(__('Hi, this is a comment.<br />To delete a comment, just log in, and view the posts\' comments, there you will have the option to edit or delete them.'))."')");
    168168
    169169// Set up admin user
    170170$random_password = substr(md5(uniqid(microtime())), 0, 6);
    171 $wpdb->query("INSERT INTO $wpdb->users (ID, user_login, user_pass, user_nickname, user_email, user_level, user_idmode, user_registered) VALUES ( '1', 'admin', MD5('$random_password'), '".addslashes(__('Administrator'))."', '$admin_email', '10', 'nickname', NOW() )");
     171$wpdb->query("INSERT INTO $wpdb->users (ID, user_login, user_pass, user_email, user_level, user_registered) VALUES ( '1', 'admin', MD5('$random_password'), '$admin_email', '10', NOW() )");
    172172
    173173$message_headers = 'From: ' . stripslashes($_POST['weblog_title']) . ' <wordpress@' . $_SERVER['SERVER_NAME'] . '>';
  • trunk/wp-admin/profile.php

    r2628 r2632  
    8585    $user_description = $_POST['user_description'];
    8686
    87     $result = $wpdb->query("UPDATE $wpdb->users SET user_firstname='$newuser_firstname', $updatepassword user_lastname='$newuser_lastname', user_nickname='$newuser_nickname', user_icq='$newuser_icq', user_email='$newuser_email', user_url='$newuser_url', user_aim='$newuser_aim', user_msn='$newuser_msn', user_yim='$newuser_yim', user_idmode='$newuser_idmode', user_description = '$user_description', user_nicename = '$newuser_nicename' WHERE ID = $user_ID");
     87    $result = $wpdb->query("UPDATE $wpdb->users SET $updatepassword user_email='$newuser_email', user_url='$newuser_url', user_nicename = '$newuser_nicename' WHERE ID = $user_ID");
     88
     89    update_user_meta( $user_ID, 'first_name', $newuser_firstname );
     90    update_user_meta( $user_ID, 'last_name', $newuser_lastname );
     91    update_user_meta( $user_ID, 'nickname', $newuser_nickname );
     92    update_user_meta( $user_ID, 'description', $user_description );
     93    update_user_meta( $user_ID, 'icq', $newuser_icq );
     94    update_user_meta( $user_ID, 'aim', $newuser_aim );
     95    update_user_meta( $user_ID, 'msn', $newuser_msn );
     96    update_user_meta( $user_ID, 'yim', $newuser_yim );
    8897
    8998    do_action('profile_update', $user_ID);
  • trunk/wp-admin/user-edit.php

    r2489 r2632  
    6767$new_description = $_POST['new_description'];
    6868
    69 $result = $wpdb->query("UPDATE $wpdb->users SET user_login = '$new_user_login', user_firstname = '$new_firstname', $updatepassword user_lastname='$new_lastname', user_nickname='$new_nickname', user_icq='$new_icq', user_email='$new_email', user_url='$new_url', user_aim='$new_aim', user_msn='$new_msn', user_yim='$new_yim', user_idmode='$new_idmode', user_description = '$new_description', user_nicename = '$new_nicename' WHERE ID = $user_id");
     69$result = $wpdb->query("UPDATE $wpdb->users SET user_login = '$new_user_login', $updatepassword user_email='$new_email', user_url='$new_url', user_nicename = '$new_nicename' WHERE ID = '$user_id'");
     70
     71update_user_meta( $user_ID, 'first_name', $new_firstname );
     72update_user_meta( $user_ID, 'last_name', $new_lastname );
     73update_user_meta( $user_ID, 'nickname', $new_nickname );
     74update_user_meta( $user_ID, 'description', $new_description );
     75update_user_meta( $user_ID, 'icq', $new_icq );
     76update_user_meta( $user_ID, 'aim', $new_aim );
     77update_user_meta( $user_ID, 'msn', $new_msn );
     78update_user_meta( $user_ID, 'yim', $new_yim );
    7079
    7180header("Location: user-edit.php?user_id=$user_id&updated=true");
  • trunk/wp-admin/users.php

    r2477 r2632  
    7070
    7171    $result = $wpdb->query("INSERT INTO $wpdb->users
    72         (user_login, user_pass, user_nickname, user_email, user_ip, user_domain, user_browser, user_registered, user_level, user_idmode, user_firstname, user_lastname, user_nicename, user_url)
     72        (user_login, user_pass, user_email, user_registered, user_level, user_nicename, user_url)
    7373    VALUES
    74         ('$user_login', MD5('$pass1'), '$user_nickname', '$user_email', '$user_ip', '$user_domain', '$user_browser', '$now', '$new_users_can_blog', 'nickname', '$user_firstname', '$user_lastname', '$user_nicename', '$user_uri')");
     74        ('$user_login', MD5('$pass1'), '$user_email', '$now', '$new_users_can_blog', '$user_nicename', '$user_uri')");
    7575   
    7676    if ($result == false)
  • trunk/wp-includes/functions-formatting.php

    r2619 r2632  
    264264
    265265    return $string;
     266}
     267
     268function sanitize_user( $username ) {
     269    return preg_replace('|a-z0-9 _.-|i', '', $username);
    266270}
    267271
  • trunk/wp-includes/pluggable-functions.php

    r2631 r2632  
    5959function get_userdatabylogin($user_login) {
    6060    global $cache_userdata, $wpdb;
    61     $user_login = addslashes( $user_login );
     61    $user_login = sanitize_user( $user_login );
    6262    if ( empty( $user_login ) )
    6363        return false;
  • trunk/wp-includes/template-functions-author.php

    r2626 r2632  
    157157    global $wpdb;
    158158
    159     $query = "SELECT ID, user_nickname, user_firstname, user_lastname, user_nicename from $wpdb->users " . ($exclude_admin ? "WHERE user_login <> 'admin' " : '') . "ORDER BY user_nickname";
     159    $query = "SELECT ID, user_nicename from $wpdb->users " . ($exclude_admin ? "WHERE user_login <> 'admin' " : '') . "ORDER BY display_name";
    160160    $authors = $wpdb->get_results($query);
    161161
    162162    foreach($authors as $author) {
     163        $author = get_userdata( $author->ID );
    163164        $posts = get_usernumposts($author->ID);
    164165        $name = $author->user_nickname;
  • trunk/wp-login.php

    r2623 r2632  
    122122
    123123    // Generate something random for a password... md5'ing current time with a rand salt
    124     $key = $_GET['key'];
     124    $key = preg_replace('/a-z0-9/i', '', $_GET['key']);
    125125    if ( empty($key) )
    126126        die( __('Sorry, that key does not appear to be valid.') );
  • trunk/wp-register.php

    r2548 r2632  
    2727case 'register':
    2828
    29     $user_login = $_POST['user_login'];
     29    $user_login = sanitize_user( $_POST['user_login'] );
    3030    $user_email = $_POST['user_email'];
    3131       
    32     /* checking that username has been typed */
    33     if ($user_login == '') {
     32    if ( $user_login == '' )
    3433        die (__('<strong>ERROR</strong>: Please enter a username.'));
    35     }
    3634
    3735    /* checking e-mail address */
     
    4240    }
    4341
    44     /* checking the username isn't already used by another user */
    45     $result = $wpdb->get_results("SELECT user_login FROM $wpdb->users WHERE user_login = '$user_login'");
    46     if (count($result) >= 1) {
     42    if ( $result = $wpdb->get_row("SELECT user_login FROM $wpdb->users WHERE user_login = '$user_login'") )
    4743        die (__('<strong>ERROR</strong>: This username is already registered, please choose another one.'));
    48     }
    4944
    5045    $user_ip = $_SERVER['REMOTE_ADDR'] ;
     
    5247    $user_browser = $wpdb->escape($_SERVER['HTTP_USER_AGENT']);
    5348
    54     $user_login = $wpdb->escape( preg_replace('|a-z0-9 _.-|i', '', $user_login) );
     49    $user_login = $wpdb->escape( sanitize_user($user_login) ) );
    5550    $user_nickname = $user_login;
    56    $user_nicename = sanitize_title($user_nickname);
     51    $user_nicename = sanitize_title($user_nickname);
    5752    $now = gmdate('Y-m-d H:i:s');
    5853    $user_level = get_settings('new_users_can_blog');
  • trunk/wp-settings.php

    r2631 r2632  
    5353if ( defined('CUSTOM_USER_TABLE') )
    5454    $wpdb->users = CUSTOM_USER_TABLE;
     55if ( defined('CUSTOM_USER_META_TABLE') )
     56    $wpdb->usermeta = CUSTOM_USER_META_TABLE;
    5557
    5658// We're going to need to keep this around for a few months even though we're not using it internally
Note: See TracChangeset for help on using the changeset viewer.