Opened 2 years ago
Last modified 8 months ago
#52976 new defect (bug)
user emails comparison should be case insensitive — at Version 3
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Awaiting Review | Priority: | normal |
| Severity: | normal | Version: | 4.3 |
| Component: | Users | Keywords: | good-first-bug has-patch needs-testing |
| Focuses: | Cc: |
Description (last modified by )
In user.php for WordPress 5.7, email update comparisons are case sensitive. Is there a specific reason for this? Because emails are case insensitive. Here is the line that does that:
if ( isset( $userdata['user_email'] ) && $user['user_email'] !== $userdata['user_email'] )
Can the function:
strcasecmp
be used instead? The problem is that there is a plugin that uses the function:
wp_update_user
And it would send a notification for email change even if it was the casing of the characters only.
Thanks for your time and consideration
Change History (3)
#2
in reply to:
↑ 1
@
2 years ago
Hello @dd32,
Thanks for your response. The plugin that uses wp_update_user does not alter the casing. It simply passes the email address to it and does not perform any checks on the similarity of the old and new addresses.
Ok, I have seen your note in https://tools.ietf.org/html/rfc5321 now. I am not sure how to take this further, so feel free to close the ticket if you prefer to stick to the RFC.
Hi @asaifm and welcome to Trac!
Updating this to use lower-case comparisons (Just throw it through strtolower() IMHO) seems reasonable, however.. a plugin altering the user email address to lower case does seem unexpected and potentially a bigger bug than this is.
Just as a note,
user@example.comandUSER@example.comcould technically be different users, as the email standard delegates that to the mail servers, however in reality no mail servers that I'm aware of have case sensitive handling..