Fix user validation feedback. Props sivel. fixes #13162

git-svn-id: http://svn.automattic.com/wordpress/trunk@14428 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2010-05-03 23:46:42 +00:00
parent 72f99c8a96
commit 2ecda01ce0
3 changed files with 33 additions and 30 deletions

View File

@ -158,8 +158,8 @@ function edit_user( $user_id = 0 ) {
if ( !empty( $pass1 ) )
$user->user_pass = $pass1;
if ( !$update && !validate_username( $user->user_login ) )
$errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid. Please enter a valid username.' ));
if ( !$update && isset( $_POST['user_login'] ) && !validate_username( $_POST['user_login'] ) )
$errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.' ));
if ( !$update && username_exists( $user->user_login ) )
$errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' ));

View File

@ -735,19 +735,20 @@ function sanitize_file_name( $filename ) {
*/
function sanitize_user( $username, $strict = false ) {
$raw_username = $username;
$username = wp_strip_all_tags($username);
$username = wp_strip_all_tags( $username );
$username = remove_accents( $username );
// Kill octets
$username = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '', $username);
$username = preg_replace('/&.+?;/', '', $username); // Kill entities
$username = preg_replace( '|%([a-fA-F0-9][a-fA-F0-9])|', '', $username );
$username = preg_replace( '/&.+?;/', '', $username ); // Kill entities
// If strict, reduce to ASCII for max portability.
if ( $strict )
$username = preg_replace('|[^a-z0-9 _.\-@]|i', '', $username);
$username = preg_replace( '|[^a-z0-9 _.\-@]|i', '', $username );
// Consolidate contiguous whitespace
$username = preg_replace('|\s+|', ' ', $username);
$username = preg_replace( '|\s+|', ' ', $username );
return apply_filters('sanitize_user', $username, $raw_username, $strict);
return apply_filters( 'sanitize_user', $username, $raw_username, $strict );
}
/**

View File

@ -268,47 +268,49 @@ function reset_password($key, $login) {
* @param string $user_email User's email address to send password and add
* @return int|WP_Error Either user's ID or error on failure.
*/
function register_new_user($user_login, $user_email) {
function register_new_user( $user_login, $user_email ) {
$errors = new WP_Error();
$user_login = sanitize_user( $user_login );
$sanitized_user_login = sanitize_user( $user_login );
$user_email = apply_filters( 'user_registration_email', $user_email );
// Check the username
if ( $user_login == '' )
$errors->add('empty_username', __('<strong>ERROR</strong>: Please enter a username.'));
elseif ( !validate_username( $user_login ) ) {
$errors->add('invalid_username', __('<strong>ERROR</strong>: This username is invalid. Please enter a valid username.'));
$user_login = '';
} elseif ( username_exists( $user_login ) )
$errors->add('username_exists', __('<strong>ERROR</strong>: This username is already registered, please choose another one.'));
if ( $sanitized_user_login == '' ) {
$errors->add( 'empty_username', __( '<strong>ERROR</strong>: Please enter a username.' ) );
} elseif ( ! validate_username( $user_login ) ) {
$errors->add( 'invalid_username', __( '<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.' ) );
$sanitized_user_login = '';
} elseif ( username_exists( $sanitized_user_login ) ) {
$errors->add( 'username_exists', __( '<strong>ERROR</strong>: This username is already registered, please choose another one.' ) );
}
// Check the e-mail address
if ($user_email == '') {
$errors->add('empty_email', __('<strong>ERROR</strong>: Please type your e-mail address.'));
} elseif ( !is_email( $user_email ) ) {
$errors->add('invalid_email', __('<strong>ERROR</strong>: The email address isn&#8217;t correct.'));
if ( $user_email == '' ) {
$errors->add( 'empty_email', __( '<strong>ERROR</strong>: Please type your e-mail address.' ) );
} elseif ( ! is_email( $user_email ) ) {
$errors->add( 'invalid_email', __( '<strong>ERROR</strong>: The email address isn&#8217;t correct.' ) );
$user_email = '';
} elseif ( email_exists( $user_email ) )
$errors->add('email_exists', __('<strong>ERROR</strong>: This email is already registered, please choose another one.'));
} elseif ( email_exists( $user_email ) ) {
$errors->add( 'email_exists', __( '<strong>ERROR</strong>: This email is already registered, please choose another one.' ) );
}
do_action('register_post', $user_login, $user_email, $errors);
do_action( 'register_post', $sanitized_user_login, $user_email, $errors );
$errors = apply_filters( 'registration_errors', $errors, $user_login, $user_email );
$errors = apply_filters( 'registration_errors', $errors, $sanitized_user_login, $user_email );
if ( $errors->get_error_code() )
return $errors;
$user_pass = wp_generate_password();
$user_id = wp_create_user( $user_login, $user_pass, $user_email );
if ( !$user_id ) {
$errors->add('registerfail', sprintf(__('<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !'), get_option('admin_email')));
$user_id = wp_create_user( $sanitized_user_login, $user_pass, $user_email );
if ( ! $user_id ) {
$errors->add( 'registerfail', sprintf( __( '<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !' ), get_option( 'admin_email' ) ) );
return $errors;
}
update_user_option($user_id, 'default_password_nag', true, true); //Set up the Password change nag.
update_user_option( $user_id, 'default_password_nag', true, true ); //Set up the Password change nag.
wp_new_user_notification($user_id, $user_pass);
wp_new_user_notification( $user_id, $user_pass );
return $user_id;
}