Prevent super admins from shooting themselves in the foot. props jorbin. Checks blog names against an array (filterable) of reserved keywords for subdirectory installs. fixes #13304.

git-svn-id: http://svn.automattic.com/wordpress/trunk@14928 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
nacin 2010-05-26 03:13:16 +00:00
parent 185ae53008
commit 4e3c7fddd0
2 changed files with 13 additions and 0 deletions

View File

@ -148,6 +148,14 @@ switch ( $_GET['action'] ) {
$domain = '';
if ( ! preg_match( '/(--)/', $blog['domain'] ) && preg_match( '|^([a-zA-Z0-9-])+$|', $blog['domain'] ) )
$domain = strtolower( $blog['domain'] );
// If not a subdomain install, make sure the domain isn't a reserved word
if ( ! is_subdomain_install() ) {
$subdirectory_reserved_names = apply_filters( 'subdirectory_reserved_names', array( 'page', 'comments', 'blog', 'files', 'feed' ) );
if ( in_array( $domain, $subdirectory_reserved_names ) )
wp_die( sprintf( __('The following words are reserved for use by WordPress functions and cannot be used as blog names: <code>%s</code>' ), implode( '</code>, <code>', $subdirectory_reserved_names ) ) );
}
$email = sanitize_email( $blog['email'] );
$title = $blog['title'];

View File

@ -556,6 +556,11 @@ function wpmu_validate_blog_signup($blogname, $blog_title, $user = '') {
add_site_option( 'illegal_names', $illegal_names );
}
// On sub dir installs, Some names are so illegal, only a filter can spring them from jail
if (! is_subdomain_install() )
$illegal_names = array_merge($illegal_names, apply_filters( 'subdirectory_reserved_names', array( 'page', 'comments', 'blog', 'files', 'feed' ) ) );
if ( empty( $blogname ) )
$errors->add('blogname', __('Please enter a site name'));