WordPress.org

Make WordPress Core

Opened 5 years ago

Last modified 5 months ago

#28369 new defect (bug)

Replace @ with a hyphen in user_nicename

Reported by: SergeyBiryukov Owned by:
Milestone: Priority: low
Severity: minor Version:
Component: Users Keywords:
Focuses: Cc:
PR Number:

Description

If you register with john.smith@gmail.com as a username, your user_nicename (displayed in author archive URL) will be john-smithgmail-com.

sanitize_user() should probably replace @ with a hyphen, not remove it completely.

Change History (3)

#1 @gauravmittal1995
5 years ago

In the sanitize_user() , we can check for an "@" in the beginning, and replace it with an "-".

#2 @MikeHansenMe
5 years ago

I am not sure it is sanitize_user that is removing the @. I installed the following test plugin:

function test() {
	var_dump( sanitize_user( 'm@m.com', true ) );
	var_dump( sanitize_user( 'm@m.com', false ) );
	die;
}
add_action( 'admin_init', 'test' );

and it returned:

string(7) "m@m.com" string(7) "m@m.com" 

I created a user with an email as a username and did see the @ get removed from the url. I will look into it more and see if I can find where it is getting removed.

#3 @MikeHansenMe
5 years ago

This looks to be caused by

https://core.trac.wordpress.org/browser/tags/4.1.1/src/wp-includes/user.php#L1750

Which has been around in some form for a long time.

https://github.com/WordPress/WordPress/blob/2.0-branch/wp-includes/registration-functions.php#L42

We can either remove the use of sanitize_title or alter sanitize_title, however it is used all over core and may cause issues elsewhere. The nicename is run through sanitize_user prior in the same function.

Note: See TracTickets for help on using tickets.