Opened 5 years ago
Last modified 5 years ago
#45714 new defect (bug)
Allow all valid email formats when editing accounts in the dashboard
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Awaiting Review | Priority: | normal |
| Severity: | normal | Version: | |
| Component: | Users | Keywords: | has-patch has-unit-tests |
| Focuses: | administration | Cc: |
Description
When updating an email address in the dashboard wp-admin/includes/user.php:80 uses sanitize_text_field which strips out a substring like "%ed" even though that is valid in the local part of an email address. Eg, the valid email address "user%edition@…" is saved as "userition@…".
This ticket requests to using sanitize_email instead, similar to the REST API that checks using is_email.
(A related, fixed issue is in #18039 which also recommended using sanitize_email)
Attachments (1)
Change History (3)
Note: See
TracTickets for help on using
tickets.
Patch