<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" /><style type="text/css"><!--
#msg dl { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }
#msg dl a { font-weight: bold}
#msg dl a:link    { color:#fc3; }
#msg dl a:active  { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fc0 solid; padding: 6px; }
#msg ul, pre { overflow: auto; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<title>[14428] trunk: Fix user validation feedback.</title>
</head>
<body>

<div id="msg">
<dl>
<dt>Revision</dt> <dd><a href="http://trac.wordpress.org/changeset/14428">14428</a></dd>
<dt>Author</dt> <dd>ryan</dd>
<dt>Date</dt> <dd>2010-05-03 23:46:42 +0000 (Mon, 03 May 2010)</dd>
</dl>

<h3>Log Message</h3>
<pre>Fix user validation feedback. Props sivel. fixes <a href="http://trac.wordpress.org/ticket/13162">#13162</a></pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkwpadminincludesuserphp">trunk/wp-admin/includes/user.php</a></li>
<li><a href="#trunkwpincludesformattingphp">trunk/wp-includes/formatting.php</a></li>
<li><a href="#trunkwploginphp">trunk/wp-login.php</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkwpadminincludesuserphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/includes/user.php (14427 => 14428)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/includes/user.php        2010-05-03 23:39:57 UTC (rev 14427)
+++ trunk/wp-admin/includes/user.php        2010-05-03 23:46:42 UTC (rev 14428)
</span><span class="lines">@@ -158,8 +158,8 @@
</span><span class="cx">         if ( !empty( $pass1 ) )
</span><span class="cx">                 $user-&gt;user_pass = $pass1;
</span><span class="cx"> 
</span><del>-        if ( !$update &amp;&amp; !validate_username( $user-&gt;user_login ) )
-                $errors-&gt;add( 'user_login', __( '&lt;strong&gt;ERROR&lt;/strong&gt;: This username is invalid. Please enter a valid username.' ));
</del><ins>+        if ( !$update &amp;&amp; isset( $_POST['user_login'] ) &amp;&amp; !validate_username( $_POST['user_login'] ) )
+                $errors-&gt;add( 'user_login', __( '&lt;strong&gt;ERROR&lt;/strong&gt;: This username is invalid because it uses illegal characters. Please enter a valid username.' ));
</ins><span class="cx"> 
</span><span class="cx">         if ( !$update &amp;&amp; username_exists( $user-&gt;user_login ) )
</span><span class="cx">                 $errors-&gt;add( 'user_login', __( '&lt;strong&gt;ERROR&lt;/strong&gt;: This username is already registered. Please choose another one.' ));
</span></span></pre></div>
<a id="trunkwpincludesformattingphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-includes/formatting.php (14427 => 14428)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-includes/formatting.php        2010-05-03 23:39:57 UTC (rev 14427)
+++ trunk/wp-includes/formatting.php        2010-05-03 23:46:42 UTC (rev 14428)
</span><span class="lines">@@ -735,19 +735,20 @@
</span><span class="cx">  */
</span><span class="cx"> function sanitize_user( $username, $strict = false ) {
</span><span class="cx">         $raw_username = $username;
</span><del>-        $username = wp_strip_all_tags($username);
</del><ins>+        $username = wp_strip_all_tags( $username );
+        $username = remove_accents( $username );
</ins><span class="cx">         // Kill octets
</span><del>-        $username = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '', $username);
-        $username = preg_replace('/&amp;.+?;/', '', $username); // Kill entities
</del><ins>+        $username = preg_replace( '|%([a-fA-F0-9][a-fA-F0-9])|', '', $username );
+        $username = preg_replace( '/&amp;.+?;/', '', $username ); // Kill entities
</ins><span class="cx"> 
</span><span class="cx">         // If strict, reduce to ASCII for max portability.
</span><span class="cx">         if ( $strict )
</span><del>-                $username = preg_replace('|[^a-z0-9 _.\-@]|i', '', $username);
</del><ins>+                $username = preg_replace( '|[^a-z0-9 _.\-@]|i', '', $username );
</ins><span class="cx"> 
</span><span class="cx">         // Consolidate contiguous whitespace
</span><del>-        $username = preg_replace('|\s+|', ' ', $username);
</del><ins>+        $username = preg_replace( '|\s+|', ' ', $username );
</ins><span class="cx"> 
</span><del>-        return apply_filters('sanitize_user', $username, $raw_username, $strict);
</del><ins>+        return apply_filters( 'sanitize_user', $username, $raw_username, $strict );
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> /**
</span></span></pre></div>
<a id="trunkwploginphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-login.php (14427 => 14428)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-login.php        2010-05-03 23:39:57 UTC (rev 14427)
+++ trunk/wp-login.php        2010-05-03 23:46:42 UTC (rev 14428)
</span><span class="lines">@@ -268,47 +268,49 @@
</span><span class="cx">  * @param string $user_email User's email address to send password and add
</span><span class="cx">  * @return int|WP_Error Either user's ID or error on failure.
</span><span class="cx">  */
</span><del>-function register_new_user($user_login, $user_email) {
</del><ins>+function register_new_user( $user_login, $user_email ) {
</ins><span class="cx">         $errors = new WP_Error();
</span><span class="cx"> 
</span><del>-        $user_login = sanitize_user( $user_login );
</del><ins>+        $sanitized_user_login = sanitize_user( $user_login );
</ins><span class="cx">         $user_email = apply_filters( 'user_registration_email', $user_email );
</span><span class="cx"> 
</span><span class="cx">         // Check the username
</span><del>-        if ( $user_login == '' )
-                $errors-&gt;add('empty_username', __('&lt;strong&gt;ERROR&lt;/strong&gt;: Please enter a username.'));
-        elseif ( !validate_username( $user_login ) ) {
-                $errors-&gt;add('invalid_username', __('&lt;strong&gt;ERROR&lt;/strong&gt;: This username is invalid.  Please enter a valid username.'));
-                $user_login = '';
-        } elseif ( username_exists( $user_login ) )
-                $errors-&gt;add('username_exists', __('&lt;strong&gt;ERROR&lt;/strong&gt;: This username is already registered, please choose another one.'));
</del><ins>+        if ( $sanitized_user_login == '' ) {
+                $errors-&gt;add( 'empty_username', __( '&lt;strong&gt;ERROR&lt;/strong&gt;: Please enter a username.' ) );
+        } elseif ( ! validate_username( $user_login ) ) {
+                $errors-&gt;add( 'invalid_username', __( '&lt;strong&gt;ERROR&lt;/strong&gt;: This username is invalid because it uses illegal characters. Please enter a valid username.' ) );
+                $sanitized_user_login = '';
+        } elseif ( username_exists( $sanitized_user_login ) ) {
+                $errors-&gt;add( 'username_exists', __( '&lt;strong&gt;ERROR&lt;/strong&gt;: This username is already registered, please choose another one.' ) );
+        }
</ins><span class="cx"> 
</span><span class="cx">         // Check the e-mail address
</span><del>-        if ($user_email == '') {
-                $errors-&gt;add('empty_email', __('&lt;strong&gt;ERROR&lt;/strong&gt;: Please type your e-mail address.'));
-        } elseif ( !is_email( $user_email ) ) {
-                $errors-&gt;add('invalid_email', __('&lt;strong&gt;ERROR&lt;/strong&gt;: The email address isn&amp;#8217;t correct.'));
</del><ins>+        if ( $user_email == '' ) {
+                $errors-&gt;add( 'empty_email', __( '&lt;strong&gt;ERROR&lt;/strong&gt;: Please type your e-mail address.' ) );
+        } elseif ( ! is_email( $user_email ) ) {
+                $errors-&gt;add( 'invalid_email', __( '&lt;strong&gt;ERROR&lt;/strong&gt;: The email address isn&amp;#8217;t correct.' ) );
</ins><span class="cx">                 $user_email = '';
</span><del>-        } elseif ( email_exists( $user_email ) )
-                $errors-&gt;add('email_exists', __('&lt;strong&gt;ERROR&lt;/strong&gt;: This email is already registered, please choose another one.'));
</del><ins>+        } elseif ( email_exists( $user_email ) ) {
+                $errors-&gt;add( 'email_exists', __( '&lt;strong&gt;ERROR&lt;/strong&gt;: This email is already registered, please choose another one.' ) );
+        }
</ins><span class="cx"> 
</span><del>-        do_action('register_post', $user_login, $user_email, $errors);
</del><ins>+        do_action( 'register_post', $sanitized_user_login, $user_email, $errors );
</ins><span class="cx"> 
</span><del>-        $errors = apply_filters( 'registration_errors', $errors, $user_login, $user_email );
</del><ins>+        $errors = apply_filters( 'registration_errors', $errors, $sanitized_user_login, $user_email );
</ins><span class="cx"> 
</span><span class="cx">         if ( $errors-&gt;get_error_code() )
</span><span class="cx">                 return $errors;
</span><span class="cx"> 
</span><span class="cx">         $user_pass = wp_generate_password();
</span><del>-        $user_id = wp_create_user( $user_login, $user_pass, $user_email );
-        if ( !$user_id ) {
-                $errors-&gt;add('registerfail', sprintf(__('&lt;strong&gt;ERROR&lt;/strong&gt;: Couldn&amp;#8217;t register you... please contact the &lt;a href=&quot;mailto:%s&quot;&gt;webmaster&lt;/a&gt; !'), get_option('admin_email')));
</del><ins>+        $user_id = wp_create_user( $sanitized_user_login, $user_pass, $user_email );
+        if ( ! $user_id ) {
+                $errors-&gt;add( 'registerfail', sprintf( __( '&lt;strong&gt;ERROR&lt;/strong&gt;: Couldn&amp;#8217;t register you... please contact the &lt;a href=&quot;mailto:%s&quot;&gt;webmaster&lt;/a&gt; !' ), get_option( 'admin_email' ) ) );
</ins><span class="cx">                 return $errors;
</span><span class="cx">         }
</span><span class="cx"> 
</span><del>-        update_user_option($user_id, 'default_password_nag', true, true); //Set up the Password change nag.
</del><ins>+        update_user_option( $user_id, 'default_password_nag', true, true ); //Set up the Password change nag.
</ins><span class="cx"> 
</span><del>-        wp_new_user_notification($user_id, $user_pass);
</del><ins>+        wp_new_user_notification( $user_id, $user_pass );
</ins><span class="cx"> 
</span><span class="cx">         return $user_id;
</span><span class="cx"> }
</span></span></pre>
</div>
</div>

</body>
</html>