From 2dad79f6c5df90e18037bd5b7fe375d5c283e74c Mon Sep 17 00:00:00 2001 From: Boone Gorges Date: Thu, 2 Oct 2014 18:54:17 +0000 Subject: [PATCH] Always sanitize user_nicename in wp_insert_user(). Previously, a 'user_nicename' parameter passed into the function was unsanitized. This could result in a mismatch between the sanitized nicename generated automatically at user creation, resulting in broken author archive permalinks. Props joemcgill. Fixes #29696. Built from https://develop.svn.wordpress.org/trunk@29819 git-svn-id: http://core.svn.wordpress.org/trunk@29585 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/user.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/wp-includes/user.php b/wp-includes/user.php index 141fff35b3..1d00523d0c 100644 --- a/wp-includes/user.php +++ b/wp-includes/user.php @@ -1676,12 +1676,17 @@ function wp_insert_user( $userdata ) { if ( ! $update && username_exists( $user_login ) ) { return new WP_Error( 'existing_user_login', __( 'Sorry, that username already exists!' ) ); } - if ( empty( $userdata['user_nicename'] ) ) { - $user_nicename = sanitize_title( $user_login ); + + // If a nicename is provided, remove unsafe user characters before + // using it. Otherwise build a nicename from the user_login. + if ( ! empty( $userdata['user_nicename'] ) ) { + $user_nicename = sanitize_user( $userdata['user_nicename'], true ); } else { - $user_nicename = $userdata['user_nicename']; + $user_nicename = $user_login; } + $user_nicename = sanitize_title( $user_nicename ); + // Store values to save in user meta. $meta = array();