Changeset 46640

Timestamp:

11/03/2019 08:10:23 PM (5 years ago)

Author:

whyisjake

Message:

Login and Registration: Allow email logins to be more flexible.

Allows a login to have an apostorphe. Which would normally be created as a mistake, but this allows the login to happen.

Fixes #38744
Props wpkuf, desrosj, socalchristina, bibliofille, santilinwp, nsubugak, sncoker, cafenoirdesign, whyisjake.

Location:

trunk

Files:

• src/wp-admin/includes/user.php (modified) (1 diff)
• src/wp-includes/user.php (modified) (1 diff)
• src/wp-login.php (modified) (2 diffs)
• tests/phpunit/tests/user.php (modified) (2 diffs)

trunk/src/wp-admin/includes/user.php

@@ -42 +42 @@
 
     if ( ! $update && isset( $_POST['user_login'] ) ) {
-        $user->user_login = sanitize_user( $_POST['user_login'], true );
+        $user->user_login = sanitize_user( , true );
     }
 

trunk/src/wp-includes/user.php

@@ -36 +36 @@
 
         if ( ! empty( $_POST['log'] ) ) {
-            $credentials['user_login'] = $_POST['log'];
+            $credentials['user_login'] = ;
         }
         if ( ! empty( $_POST['pwd'] ) ) {

trunk/src/wp-login.php

@@ -1033 +1033 @@
         if ( $http_post ) {
             if ( isset( $_POST['user_login'] ) && is_string( $_POST['user_login'] ) ) {
-                $user_login = $_POST['user_login'];
+                $user_login = ;
             }
 
@@ -1151 +1151 @@
         // If the user wants SSL but the session is not SSL, force a secure cookie.
         if ( ! empty( $_POST['log'] ) && ! force_ssl_admin() ) {
-            $user_name = sanitize_user( $_POST['log'] );
+            $user_name = sanitize_user(  );
             $user      = get_user_by( 'login', $user_name );
 

trunk/tests/phpunit/tests/user.php

@@ -36 +36 @@
         self::$user_ids[] = self::$contrib_id;
 
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
         self::$author_id  = $factory->user->create(
             array(
@@ -64 +80 @@
 
         $this->author = clone self::$_author;
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
     }