Skip to:
Content

BuddyPress.org

Opened 13 years ago

Closed 13 years ago

#1925 closed defect (bug) (worksforme)

'@' in username causes strange issues

Reported by: zooney's profile Zooney Owned by:
Milestone: 1.2 Priority: major
Severity: Version:
Component: Keywords: needs-patch, needs-testing, 2nd-opinion
Cc: Zooney

Description

A username with an "@" symbol in it, (i.e. smith.1@…) will cause at least two strange problems:

While running as an account of the form "smith.1@…" (for instance an account created with a Shibboleth EPPN as the username)

1.) In the the user profile the link Groups->Create a Group will redirect the user to the home page of the BuddyPress install

2.) Posting to the account's own wire (typing in text and hitting "Post") will redirect to the home page of the BuddyPress install (although the message will be posted to the wire)

Change History (5)

#1 @Zooney
13 years ago

Another issue:

3.) Attempting to send mail via Messages->Compose will redirect to the home page of the BuddyPress install upon hitting "Send"

#2 @Zooney
13 years ago

A username with an "@" symbol in it, (i.e. smith.1@…) will cause at least two strange problems:

While running as an account of the form "smith.1@…" (for instance an account created with a Shibboleth EPPN as the username)

1.) In the the user profile the link Groups->Create a Group will redirect the user to the home page of the BuddyPress install

2.) Posting to the account's own wire (typing in text and hitting "Post") will redirect to the home page of the BuddyPress install (although the message will be posted to the wire)

3.) Attempting to send mail via Messages->Compose will redirect to the home page of the BuddyPress install upon hitting "Send"

#3 @junsuijin
13 years ago

  • Keywords needs-patch needs-testing 2nd-opinion added; @ username removed

Looking at wp-includes/formatting.php ( http://core.trac.wordpress.org/browser/trunk/wp-includes/formatting.php#L730 ) I see that sanitize_user allows characters that bp-activity/bp-activity-filters.php bp_activity_at_name_filter does not handle (_ .-@). I suspect this may have something to do with these problems since the activity streams get updated after the group creation and profile post. If this isn't the cause of the issue, it should be fixed in a separate ticket. I'm not sure how we can allow spaces in usernames...maybe using + character in activity content (like @some+guy), since it cannot be part of a username? Strict mode or further filter could also fix the issue but I don't think those are valid means of solving the problem(s).

#4 @apeatling
13 years ago

junsuijin - By default the invalid characters are filtered by BP in URLs. The problem only refers to when the compatibility mode is enabled for LDAP usernames.

#5 @apeatling
13 years ago

  • Resolution set to worksforme
  • Status changed from new to closed

Reading this again it looks like you are using the bp-classic theme with deprecated components. If you want to do this with 1.2 then you need to install the backwards compatibility plugin first:

http://wordpress.org/extend/plugins/buddypress-backwards-compatibility

Or, you can use the new bp-default theme in BuddyPress 1.2. All of my tests with these theme and version worked correctly.

Note: See TracTickets for help on using tickets.