Make WordPress Core

Changeset 34856


Ignore:
Timestamp:
10/06/2015 05:34:47 AM (9 years ago)
Author:
DrewAPicture
Message:

Users: Empty sanitized usernames should be considered invalid when passed through validate_username().

Adds tests.

Props gwinhlopez for the initial patch.
Props mordauk, chriscct7.
Fixes #24618.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/user-functions.php

    r34820 r34856  
    11771177 *
    11781178 * @since 2.0.1
     1179 * @since 4.4.0 Empty sanitized usernames are now considered invalid
    11791180 *
    11801181 * @param string $username Username.
     
    11831184function validate_username( $username ) {
    11841185    $sanitized = sanitize_user( $username, true );
    1185     $valid = ( $sanitized == $username );
     1186    $valid = ( $sanitized == $username && ! empty( $sanitized ) );
     1187
    11861188    /**
    11871189     * Filter whether the provided username is valid or not.
  • trunk/tests/phpunit/tests/user.php

    r34626 r34856  
    598598            }
    599599        }
     600    }
     601
     602    /**
     603     * @ticket 24618
     604     */
     605    public function test_validate_username_string() {
     606        $this->assertTrue( validate_username( rand_str() ) );
     607        $this->assertTrue( validate_username( 'JohnDoe' ) );
     608        $this->assertTrue( validate_username( 'test@test.com' ) );
     609    }
     610
     611    /**
     612     * @ticket 24618
     613     */
     614    public function test_validate_username_empty() {
     615        $this->assertFalse( validate_username( '' ) );
     616    }
     617
     618    /**
     619     * @ticket 24618
     620     */
     621    public function test_validate_username_invalid() {
     622        $this->assertFalse( validate_username( '@#&99sd' ) );
    600623    }
    601624
Note: See TracChangeset for help on using the changeset viewer.