Make WordPress Core

Changeset 46804


Ignore:
Timestamp:
11/29/2019 10:02:30 PM (4 years ago)
Author:
SergeyBiryukov
Message:

REST API: Use strict in_array() checks for the list of usernames blacklisted via illegal_user_logins filter.

See #48839.

Location:
trunk/src
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/user.php

    r46640 r46804  
    194194    $illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );
    195195
    196     if ( in_array( strtolower( $user->user_login ), array_map( 'strtolower', $illegal_logins ) ) ) {
     196    if ( in_array( strtolower( $user->user_login ), array_map( 'strtolower', $illegal_logins ), true ) ) {
    197197        $errors->add( 'invalid_username', __( '<strong>ERROR</strong>: Sorry, that username is not allowed.' ) );
    198198    }
  • trunk/src/wp-includes/ms-functions.php

    r46697 r46804  
    489489    $illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );
    490490
    491     if ( in_array( strtolower( $user_name ), array_map( 'strtolower', $illegal_logins ) ) ) {
     491    if ( in_array( strtolower( $user_name ), array_map( 'strtolower', $illegal_logins ), true ) ) {
    492492        $errors->add( 'user_name', __( 'Sorry, that username is not allowed.' ) );
    493493    }
  • trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php

    r46696 r46804  
    11381138        $illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );
    11391139
    1140         if ( in_array( strtolower( $username ), array_map( 'strtolower', $illegal_logins ) ) ) {
     1140        if ( in_array( strtolower( $username ), array_map( 'strtolower', $illegal_logins ), true ) ) {
    11411141            return new WP_Error( 'rest_user_invalid_username', __( 'Sorry, that username is not allowed.' ), array( 'status' => 400 ) );
    11421142        }
  • trunk/src/wp-includes/user.php

    r46685 r46804  
    15851585    $illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );
    15861586
    1587     if ( in_array( strtolower( $user_login ), array_map( 'strtolower', $illegal_logins ) ) ) {
     1587    if ( in_array( strtolower( $user_login ), array_map( 'strtolower', $illegal_logins ), true ) ) {
    15881588        return new WP_Error( 'invalid_username', __( 'Sorry, that username is not allowed.' ) );
    15891589    }
     
    25042504        /** This filter is documented in wp-includes/user.php */
    25052505        $illegal_user_logins = (array) apply_filters( 'illegal_user_logins', array() );
    2506         if ( in_array( strtolower( $sanitized_user_login ), array_map( 'strtolower', $illegal_user_logins ) ) ) {
     2506        if ( in_array( strtolower( $sanitized_user_login ), array_map( 'strtolower', $illegal_user_logins ), true ) ) {
    25072507            $errors->add( 'invalid_username', __( '<strong>ERROR</strong>: Sorry, that username is not allowed.' ) );
    25082508        }
Note: See TracChangeset for help on using the changeset viewer.