WordPress.org

Make WordPress Core

Opened 3 months ago

Last modified 2 months ago

#54326 new enhancement

`username_exists()` is passed a blog name in wp-includes/ms-functions.php

Reported by: henry.wright Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: General Keywords: has-patch
Focuses: docs Cc:

Description

In the wp-includes/ms-functions.php file, in the wpmu_validate_blog_signup() function definition, you will see this condition:

if ( username_exists( $blogname ) ) {
    // Stuff
}

username_exists() shouldn't be passed a blog name. It accepts a user name only.

Attachments (1)

54326.diff (629 bytes) - added by henry.wright 3 months ago.

Download all attachments as: .zip

Change History (10)

#1 @joyously
3 months ago

If you read the description of that function, you'll see

This function prevents the current user from registering a new site with a blogname equivalent to another user’s login name.

#2 @henry.wright
3 months ago

@joyously that explains the why a blog name is passed to the function. When a function is used unconventionally like this, I feel we should provide a comment very close to where the function call takes place for clarification

@henry.wright
3 months ago

#3 @henry.wright
3 months ago

  • Keywords has-patch added

Attached is 54326.diff. This adds a comment clarifying the username_exists() function call

#4 @swissspidy
3 months ago

I don't think such a comment like in 54326.diff adds much value. It literally just describes what the next line of code does. You get the same information from just reading that line of code.

It'd be more helpful to explain that such a blog name is not allowed, unless it's the user's own username.

But then again, that is already in the function description.

#5 @henry.wright
3 months ago

I don't think such a comment like in 54326.diff​ adds much value

I disagree. The function call in the next line isn't used to check if a username exists. It is used in a different way. Because the function name is username_exists(), a comment is absolutely necessary in my opinion. A comment in the DockBlock for the wpmu_validate_blog_signup() function isn't the best place.

If username_exists() was named username_exists_or_blogname_matches_existing_username() we wouldn't need the inline comment :D

#6 @joyously
3 months ago

I'm not opposed to a comment, but it does seem pretty obvious that it is checking if there is a user by the name of the blog, and the function name has "validate" in it.

The function call in the next line isn't used to check if a username exists.

Yes, it is checking for username.

#7 @henry.wright
3 months ago

Yes, it is checking for username.

In my mind it is checking if a blogname exists as a username :)

#8 @henry.wright
2 months ago

  • Type changed from defect (bug) to enhancement

#9 @henry.wright
2 months ago

  • Focuses docs added
Note: See TracTickets for help on using tickets.