Make WordPress Core

Changeset 52650


Ignore:
Timestamp:
01/29/2022 02:23:59 PM (3 years ago)
Author:
SergeyBiryukov
Message:

Users: Return a WP_Error from wp_insert_user() if the user_url field is too long.

The user_url database field only allows up to 100 characters, and if the value is longer than that, the function should return a proper error message instead of silently failing.

This complements similar checks for user_login and user_nicename fields.

Follow-up to [45], [1575], [32299], [34218], [34626].

Props mkox, sabernhardt, tszming, SergeyBiryukov.
Fixes #44107.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/user.php

    r52607 r52650  
    20442044    $user_url = apply_filters( 'pre_user_url', $raw_user_url );
    20452045
     2046    if ( mb_strlen( $user_url ) > 100 ) {
     2047        return new WP_Error( 'user_url_too_long', __( 'User URL may not be longer than 100 characters.' ) );
     2048    }
     2049
    20462050    $user_registered = empty( $userdata['user_registered'] ) ? gmdate( 'Y-m-d H:i:s' ) : $userdata['user_registered'];
    20472051
  • trunk/tests/phpunit/tests/user.php

    r52389 r52650  
    10021002
    10031003    /**
     1004     * @ticket 44107
     1005     */
     1006    public function test_wp_insert_user_should_reject_user_url_over_100_characters() {
     1007        $user_url = str_repeat( 'a', 101 );
     1008        $u        = wp_insert_user(
     1009            array(
     1010                'user_login' => 'test',
     1011                'user_email' => 'test@example.com',
     1012                'user_pass'  => 'password',
     1013                'user_url'   => $user_url,
     1014            )
     1015        );
     1016
     1017        $this->assertWPError( $u );
     1018        $this->assertSame( 'user_url_too_long', $u->get_error_code() );
     1019    }
     1020
     1021    /**
    10041022     * @ticket 28004
    10051023     */
Note: See TracChangeset for help on using the changeset viewer.