Opened 9 years ago
Last modified 6 years ago
#6895 new defect (bug)
bp_core_validate_email_address doesn’t check signups table
Reported by: | baldgoat | Owned by: | |
---|---|---|---|
Milestone: | Awaiting Contributions | Priority: | normal |
Severity: | normal | Version: | 2.0 |
Component: | Registration | Keywords: | needs-patch needs-unit-tests |
Cc: |
Description
Not sure if this falls under WP Core or it's a BuddyPress issue.
It's more accurate to say that email_exists doesn't check the signups table to see if an signup with a duplicate email already exists. But, it may be a BuddyPress issue because it only becomes an issue if BP_SIGNUPS_SKIP_USER_CREATION is set to true in the wp-config.
Oddly enough, username_exists appears to check the signups table for a duplicate user_login. I, honestly, did not dig enough to confirm that for certain or if another filter/action is doing the check.
Change History (7)
#2
@
9 years ago
- Component changed from API to API - Sign ups & Activation
- Keywords needs-patch needs-unit-tests added
- Milestone changed from Awaiting Review to Under Consideration
- Version set to 2.0
@baldgoat - Your problem sounds about right to me, but we'll need to verify to be sure.
Moving to "Under Consideration" for now. Once we have a patch, it'll move to an appropriate milestone (most likely 2.6.0).
#4
@
8 years ago
- Milestone changed from Awaiting Review to Future Release
We need to look at bp-signup->resend
and bp_core_validate_email_address
and maybe bp_core_validate_user_signup
. We should duplicate almost all the logic from wpmu_validate_user_signup
, which includes checking the signups table.
#5
@
6 years ago
- Milestone changed from Awaiting Contributions to Up Next
Just marked #7498 as a duplicate.
This will be important to fix if we decide to ditch the user entry created during signup, which was added for backward compatibility reasons. See:
https://buddypress.trac.wordpress.org/browser/tags/3.1.0/src/bp-members/bp-members-functions.php?marks=1699-1720#L1669
Moving to Up Next.
At the request of shanebp on the BuddyPress.org forums, here is a link to our discussion...
https://buddypress.org/support/topic/bp_core_validate_email_address-doesnt-check-signups-table/
And the filter I wrote to resolve the issue...
add_filter('bp_core_validate_user_signup', 'check_signups_for_dup'); function check_signups_for_dup($arrResult) { //If errors already exist just send it back if (!empty($arrResult['errors']->errors['user_name']) || !empty($arrResult['errors']->errors['user_email'])) { return $arrResult; } global $wpdb; $strUsernameQry = "SELECT COUNT(*) FROM {$wpdb->prefix}signups WHERE active='0' AND user_login = %s"; $strEmailQry = "SELECT COUNT(*) FROM {$wpdb->prefix}signups WHERE active='0' AND user_email = %s"; $intUsernames = $wpdb->get_var($wpdb->prepare($strUsernameQry, $arrResult['user_name'])); $intEmails = $wpdb->get_var($wpdb->prepare($strEmailQry, $arrResult['user_email'])); if (!empty($intUsernames)) { $arrResult['errors']->add('user_name', 'Sorry, a signup with that username already exists'); } if (!empty($intEmails)) { $arrResult['errors']->add('user_email', 'Sorry, a signup with that email already exists'); } return $arrResult; }