Changeset 5840 for trunk/bp-members/bp-members-functions.php

Timestamp:

02/25/2012 06:21:27 PM (14 years ago)

Author:

boonebgorges

Message:

Some hardening of the member registration process:

• Ensures that pre_user_login filters are applied before attempting to create a user with wp_insert_user(), so that BP's username validation is the same as WP's, and username_exists() checks are reliable.
• Check to see whether the return value of wp_insert_user() is a WP_Error object before continuing with the registration process.
• Improves error handling during user creation, by correctly parsing WP_Error objects returned from wp_insert_user().

See #3949.

File:

• trunk/bp-members/bp-members-functions.php (modified) (2 diffs)

trunk/bp-members/bp-members-functions.php

@@ -949 +949 @@
     $user_email = sanitize_email( $user_email );
 
+    // Apply any user_login filters added by BP or other plugins before validating
+    $user_name = apply_filters( 'pre_user_login', $user_name );
+
     if ( empty( $user_name ) )
         $errors->add( 'user_name', __( 'Please enter a username', 'buddypress' ) );
@@ -1032 +1035 @@
         ) );
 
-        if ( empty( $user_id ) ) {
+        if ( is_wp_error( $user_id ) || empty( $user_id ) ) {
             $errors->add( 'registerfail', sprintf( __('<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !', 'buddypress' ), bp_get_option( 'admin_email' ) ) );
             return $errors;