Make WordPress Core

Changeset 3454


Ignore:
Timestamp:
01/18/2006 05:37:26 AM (19 years ago)
Author:
ryan
Message:

sanitize_user() fixes.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/functions-formatting.php

    r3284 r3454  
    267267
    268268function sanitize_user( $username ) {
    269     return preg_replace('|a-z0-9 _.-|i', '', $username);
     269    $raw_username = $username;
     270    $username = strip_tags($username);
     271    // Kill octets
     272    $username = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '', $username);
     273    $username = preg_replace('/&.+?;/', '', $username); // Kill entities
     274    return apply_filters('sanitize_user', $username, $raw_username);
    270275}
    271276
Note: See TracChangeset for help on using the changeset viewer.