Changeset 46804 for trunk/src/wp-includes/user.php

Timestamp:

11/29/2019 10:02:30 PM (5 years ago)

Author:

SergeyBiryukov

Message:

REST API: Use strict in_array() checks for the list of usernames blacklisted via illegal_user_logins filter.

See #48839.

File:

• trunk/src/wp-includes/user.php (modified) (2 diffs)

trunk/src/wp-includes/user.php

@@ -1585 +1585 @@
     $illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );
 
-    if ( in_array( strtolower( $user_login ), array_map( 'strtolower', $illegal_logins ) ) ) {
+    if ( in_array( strtolower( $user_login ), array_map( 'strtolower', $illegal_logins ), true ) ) {
         return new WP_Error( 'invalid_username', __( 'Sorry, that username is not allowed.' ) );
     }
@@ -2504 +2504 @@
         /** This filter is documented in wp-includes/user.php */
         $illegal_user_logins = (array) apply_filters( 'illegal_user_logins', array() );
-        if ( in_array( strtolower( $sanitized_user_login ), array_map( 'strtolower', $illegal_user_logins ) ) ) {
+        if ( in_array( strtolower( $sanitized_user_login ), array_map( 'strtolower', $illegal_user_logins ), true ) ) {
             $errors->add( 'invalid_username', __( '<strong>ERROR</strong>: Sorry, that username is not allowed.' ) );
         }