Changeset 35629

Timestamp:

11/12/2015 04:29:45 PM (10 years ago)

Author:

SergeyBiryukov

Message:

Users: After [35189], make 'illegal_user_logins' check case-insensitive.

Props juliobox.
Fixes #27317.

Location:

trunk

Files:

• src/wp-admin/includes/user.php (modified) (1 diff)
• src/wp-includes/ms-functions.php (modified) (1 diff)
• src/wp-includes/user-functions.php (modified) (1 diff)
• tests/phpunit/tests/user.php (modified) (4 diffs)

trunk/src/wp-admin/includes/user.php

@@ -144 +144 @@
 
     /** This filter is documented in wp-includes/user-functions.php */
-    if ( in_array( $user->user_login, apply_filters( 'illegal_user_logins', array() ) ) ) {
+    $illegal_logins = apply_filters( 'illegal_user_logins', array() );
+
+    if ( in_array( strtolower( $user->user_login ), array_map( 'strtolower', $illegal_logins ) ) ) {
         $errors->add( 'illegal_user_login', __( '<strong>ERROR</strong>: Sorry, that username is not allowed.' ) );
     }

trunk/src/wp-includes/ms-functions.php

@@ -433 +433 @@
 
     /** This filter is documented in wp-includes/user-functions.php */
-    if ( in_array( $user_name, apply_filters( 'illegal_user_logins', array() ) ) ) {
+    $illegal_logins = apply_filters( 'illegal_user_logins', array() );
+
+    if ( in_array( strtolower( $user_name ), array_map( 'strtolower', $illegal_logins ) ) ) {
         $errors->add( 'user_name',  __( 'Sorry, that username is not allowed.' ) );
     }

trunk/src/wp-includes/user-functions.php

@@ -1329 +1329 @@
      * @param array $usernames Array of blacklisted usernames.
      */
-    if ( in_array( $user_login, apply_filters( 'illegal_user_logins', array() ) ) ) {
+    $illegal_logins = apply_filters( 'illegal_user_logins', array() );
+
+    if ( in_array( strtolower( $user_login ), array_map( 'strtolower', $illegal_logins ) ) ) {
         return new WP_Error( 'illegal_user_login', __( 'Sorry, that username is not allowed.' ) );
     }

trunk/tests/phpunit/tests/user.php

@@ -596 +596 @@
     /**
      * @ticket 27317
-     */
-    function test_illegal_user_logins_single() {
+     * @dataProvider _illegal_user_logins_data
+     */
+    function test_illegal_user_logins_single( $user_login ) {
         $user_data = array(
-            'user_login' => 'testuser',
+            'user_login' => $user_login,
             'user_email' => 'testuser@example.com',
             'user_pass'  => wp_generate_password(),
@@ -619 +620 @@
     /**
      * @ticket 27317
-     */
-    function test_illegal_user_logins_multisite() {
+     * @dataProvider _illegal_user_logins_data
+     */
+    function test_illegal_user_logins_multisite( $user_login ) {
         if ( ! is_multisite() ) {
             return;
@@ -626 +628 @@
 
         $user_data = array(
-            'user_login' => 'testuser',
+            'user_login' => $user_login,
             'user_email' => 'testuser@example.com',
         );
@@ -641 +643 @@
         $this->assertInstanceOf( 'WP_Error', $response['errors'] );
         $this->assertEquals( 0, count( $response['errors']->get_error_codes() ) );
+    }
+
+    function _illegal_user_logins_data() {
+        return array(
+            array( 'testuser' ),
+            array( 'TestUser' ),
+        );
     }