Ticket #6144: 6144.patch
| File 6144.patch, 6.1 KB (added by , 10 years ago) |
|---|
-
src/bp-members/bp-members-admin.php
diff --git src/bp-members/bp-members-admin.php src/bp-members/bp-members-admin.php index 0242f86..32cf09a 100644
class BP_Members_Admin { 193 193 194 194 if ( is_admin() ) { 195 195 196 // Filter non multisite user query to remove sign-up users197 196 if ( ! is_multisite() ) { 197 // Filter non multisite user query to remove sign-up users 198 198 add_action( 'pre_user_query', array( $this, 'remove_signups_from_user_query' ), 10, 1 ); 199 200 // Make sure user_login validation is consistent with front end 201 add_action( 'user_profile_update_errors', array( $this, 'validate_new_user' ), 10, 3 ); 199 202 } 200 203 201 204 // Reorganise the views navigation in users.php and signups page … … class BP_Members_Admin { 1968 1971 1969 1972 <?php 1970 1973 } 1974 1975 /** 1976 * Validate a user created from the Add new user administration screen 1977 * 1978 * @since (2.2.0) 1979 * 1980 * @param WP_Error $errors the errors that may appear when creating the user from 1981 * the User Administration Sceen, passed by reference 1982 * @param bool $update Whether this is a user update 1983 * @param WP_User $user WP_User object, passed by reference. 1984 */ 1985 public function validate_new_user( &$errors, $update, &$user ) { 1986 // Bail if the user is being updated 1987 if ( ! empty( $update ) ) { 1988 return; 1989 } 1990 1991 // Make sure registering a user from front end or administration is consistent 1992 bp_core_validate_user_signup( $user->user_login, $user->user_email, $errors ); 1993 } 1971 1994 } 1972 1995 endif; // class_exists check 1973 1996 -
src/bp-members/bp-members-functions.php
diff --git src/bp-members/bp-members-functions.php src/bp-members/bp-members-functions.php index eab418d..52f3f06 100644
function bp_core_add_validation_error_messages( WP_Error $errors, $validation_re 1637 1637 * 1638 1638 * @param string $user_name Username to validate. 1639 1639 * @param string $user_email Email address to validate. 1640 * @param WP_Error $errors the errors that may appear when creating the user from 1641 * the User Administration Sceen, passed by reference 1640 1642 * @return array Results of user validation including errors, if any. 1641 1643 */ 1642 function bp_core_validate_user_signup( $user_name, $user_email ) {1644 function bp_core_validate_user_signup( $user_name, $user_email, &$errors = null ) { 1643 1645 1644 1646 // Make sure illegal names include BuddyPress slugs and values 1645 1647 bp_core_flush_illegal_names(); … … function bp_core_validate_user_signup( $user_name, $user_email ) { 1650 1652 $result = wpmu_validate_user_signup( $user_name, $user_email ); 1651 1653 1652 1654 // When not running Multisite, we perform our own validation. What 1653 // follows reproduces much of the logic of wpmu_validate_user_signup(), 1654 // minus the multisite-specific restrictions on user_login 1655 // follows reproduces much of the logic of wpmu_validate_user_signup() 1655 1656 } else { 1656 $errors = new WP_Error(); 1657 1658 // Define the WP_Error object if not already set 1659 if ( ! isset( $errors ) ) { 1660 $errors = new WP_Error(); 1661 } 1657 1662 1658 1663 /** 1659 1664 * Filters the username before being validated. … … function bp_core_validate_user_signup( $user_name, $user_email ) { 1664 1669 */ 1665 1670 $user_name = apply_filters( 'pre_user_login', $user_name ); 1666 1671 1672 $orig_username = $user_name; 1673 $user_name = preg_replace( '/\s+/', '', sanitize_user( $user_name, true ) ); 1674 1675 if ( $user_name != $orig_username || preg_match( '/[^a-z0-9]/', $user_name ) ) { 1676 $errors->add( 'user_name', __( 'Only lowercase letters (a-z) and numbers are allowed.', 'buddypress' ) ); 1677 $user_name = $orig_username; 1678 } 1679 1667 1680 // User name can't be empty 1668 1681 if ( empty( $user_name ) ) { 1669 1682 $errors->add( 'user_name', __( 'Please enter a username', 'buddypress' ) ); … … function bp_core_signup_user( $user_login, $user_password, $user_email, $usermet 1782 1795 wpmu_signup_user( $user_login, $user_email, $usermeta ); 1783 1796 1784 1797 } else { 1785 // Format data 1786 $user_login = preg_replace( '/\s+/', '', sanitize_user( $user_login, true ) ); 1787 $user_email = sanitize_email( $user_email ); 1798 // Generate the activation key for the signup table 1788 1799 $activation_key = substr( md5( time() . rand() . $user_email ), 0, 16 ); 1789 1800 1790 1801 /** … … function bp_core_signup_user( $user_login, $user_password, $user_email, $usermet 1807 1818 return $user_id; 1808 1819 } 1809 1820 1821 // Generate the activation key for the users table 1810 1822 $activation_key = wp_hash( $user_id ); 1811 1823 bp_update_user_meta( $user_id, 'activation_key', $activation_key ); 1812 1824 } -
tests/phpunit/testcases/members/functions.php
diff --git tests/phpunit/testcases/members/functions.php tests/phpunit/testcases/members/functions.php index c8b3d2a..bbe2a08 100644
class BP_Tests_Members_Functions extends BP_UnitTestCase { 498 498 499 499 } 500 500 501 /** 502 * @group bp_core_validate_user_signup 503 */ 504 public function test_bp_core_validate_user_signup() { 505 if ( is_multisite() ) { 506 return; 507 } 508 509 // spaces in user_login and a malformed email 510 $s = bp_core_validate_user_signup( 'foo bar', 'foo' ); 511 $this->assertNotEmpty( $s['errors']->errors['user_name'] ); 512 $this->assertNotEmpty( $s['errors']->errors['user_email'] ); 513 514 // empty user_login 515 $s = bp_core_validate_user_signup( '', 'foo@bar.com' ); 516 $this->assertNotEmpty( $s['errors']->errors['user_name'] ); 517 518 // user_login illegal names 519 $s = bp_core_validate_user_signup( 'root', 'foo@bar.com' ); 520 $this->assertNotEmpty( $s['errors']->errors['user_name'] ); 521 522 // user_login @ 523 $s = bp_core_validate_user_signup( 'foo@bar', 'foo@bar.com' ); 524 $this->assertNotEmpty( $s['errors']->errors['user_name'] ); 525 526 // user_login < 4 527 $s = bp_core_validate_user_signup( 'foo', 'foo@bar.com' ); 528 $this->assertNotEmpty( $s['errors']->errors['user_name'] ); 529 530 // user login exists 531 $this->factory->user->create( array( 'user_login' =>'foobar' ) ); 532 $s = bp_core_validate_user_signup( 'foobar', 'foo@bar.com' ); 533 $this->assertNotEmpty( $s['errors']->errors['user_name'] ); 534 } 535 501 536 public function notification_filter_callback( $value ) { 502 537 $this->filter_fired = current_filter(); 503 538 return $value;