Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
08/29/2012 06:47:11 PM (13 years ago)
Author:
boonebgorges
Message:

Fixes email validation in Settings component

When changing your email in the Settings component, this changeset ensures that
the new address is validated in all the crucial ways, specifically the
banned_email_domains and limited_email_domains checks on WordPress Multisite.

Fixes #4485

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/bp-members/bp-members-functions.php

    r6259 r6269  
    971971
    972972/**
     973 * Check that an email address is valid for use
     974 *
     975 * Performs the following checks:
     976 *   - Is the email address well-formed?
     977 *   - Is the email address already used?
     978 *   - If there's an email domain blacklist, is the current domain on it?
     979 *   - If there's an email domain whitelest, is the current domain on it?
     980 *
     981 * @since 1.6.2
     982 *
     983 * @param string $user_email The email being checked
     984 * @return bool|array True if the address passes all checks; otherwise an array
     985 *   of error codes
     986 */
     987function bp_core_validate_email_address( $user_email ) {
     988    $errors = array();
     989
     990    $user_email = sanitize_email( $user_email );
     991
     992    // Is the email well-formed?
     993    if ( ! is_email( $user_email ) )
     994        $errors['invalid'] = 1;
     995
     996    // Is the email on the Banned Email Domains list?
     997    // Note: This check only works on Multisite
     998    if ( function_exists( 'is_email_address_unsafe' ) && is_email_address_unsafe( $user_email ) )
     999        $errors['domain_banned'] = 1;
     1000
     1001    // Is the email on the Limited Email Domains list?
     1002    // Note: This check only works on Multisite
     1003    $limited_email_domains = get_site_option( 'limited_email_domains' );
     1004    if ( is_array( $limited_email_domains ) && empty( $limited_email_domains ) == false ) {
     1005        $emaildomain = substr( $user_email, 1 + strpos( $user_email, '@' ) );
     1006        if ( ! in_array( $emaildomain, $limited_email_domains ) ) {
     1007            $errors['domain_not_allowed'] = 1;
     1008        }
     1009    }
     1010
     1011    // Is the email alreday in use?
     1012    if ( email_exists( $user_email ) )
     1013        $errors['in_use'] = 1;
     1014
     1015    $retval = ! empty( $errors ) ? $errors : true;
     1016
     1017    return $retval;
     1018}
     1019
     1020/**
    9731021 * Validate a user name and email address when creating a new user.
     1022 *
     1023 * @todo Refactor to use bp_core_validate_email_address()
    9741024 *
    9751025 * @param string $user_name Username to validate
Note: See TracChangeset for help on using the changeset viewer.