Skip to:
Content

BuddyPress.org

Changeset 11747


Ignore:
Timestamp:
11/16/2017 08:00:41 PM (7 years ago)
Author:
boonebgorges
Message:

Members: Run BP's illegal user names through WP filter.

This ensures that user names added to the blacklist via the
'illegal_user_logins' filter are also blacklisted during BP registration.

Props espellcaste.
Fixes #7461.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/bp-members/bp-members-functions.php

    r11705 r11747  
    15791579    $filtered_illegal_names = apply_filters( 'bp_core_illegal_usernames', array_merge( array( 'www', 'web', 'root', 'admin', 'main', 'invite', 'administrator' ), $bp_component_slugs ) );
    15801580
    1581     // Merge the arrays together.
    1582     $merged_names           = array_merge( (array) $filtered_illegal_names, (array) $db_illegal_names );
     1581    /**
     1582     * Filters the list of illegal usernames from WordPress.
     1583     *
     1584     * @since 3.0
     1585     *
     1586     * @param array Array of illegal usernames.
     1587     */
     1588    $wp_filtered_illegal_names = apply_filters( 'illegal_user_logins', array() );
     1589
     1590    // First merge BuddyPress illegal names.
     1591    $bp_merged_names           = array_merge( (array) $filtered_illegal_names, (array) $db_illegal_names );
     1592
     1593    // Then merge WordPress and BuddyPress illegal names.
     1594    $merged_names              = array_merge( (array) $wp_filtered_illegal_names, (array) $bp_merged_names );
    15831595
    15841596    // Remove duplicates.
    1585     $illegal_names          = array_unique( (array) $merged_names );
     1597    $illegal_names             = array_unique( (array) $merged_names );
    15861598
    15871599    /**
  • trunk/tests/phpunit/testcases/members/functions.php

    r11737 r11747  
    638638        $wpdb->suppress_errors( $suppress );
    639639    }
     640
     641    /**
     642     * @ticket BP7461
     643     *
     644     * Test function before and after adding custom illegal names from WordPress.
     645     */
     646    public function test_bp_core_get_illegal_names() {
     647
     648        // Making sure BP custom illegals are in the array.
     649        $this->assertTrue( in_array( 'profile', bp_core_get_illegal_names(), true ) );
     650        $this->assertTrue( in_array( 'forums', bp_core_get_illegal_names(), true ) );
     651
     652        add_filter( 'illegal_user_logins', array( $this, '_illegal_user_logins' ) );
     653
     654        // Testing fake custom illegal names.
     655        $this->assertTrue( in_array( 'testuser', bp_core_get_illegal_names(), true ) );
     656        $this->assertTrue( in_array( 'admins', bp_core_get_illegal_names(), true ) );
     657        $this->assertFalse( in_array( 'buddypresss', bp_core_get_illegal_names(), true ) );
     658
     659        // Making sure BP custom illegals are in the array after including the custom ones.
     660        $this->assertTrue( in_array( 'profile', bp_core_get_illegal_names(), true ) );
     661        $this->assertTrue( in_array( 'forums', bp_core_get_illegal_names(), true ) );
     662
     663        remove_filter( 'illegal_user_logins', array( $this, '_illegal_user_logins' ) );
     664    }
     665
     666    public function _illegal_user_logins() {
     667        return array(
     668            'testuser',
     669            'admins',
     670            'buddypress',
     671        );
     672    }
    640673}
Note: See TracChangeset for help on using the changeset viewer.