[wp-trac] [WordPress Trac] #12823: Blog name is unnecessarily sanitized

WordPress Trac wp-trac at lists.automattic.com
Fri Apr 2 21:21:54 UTC 2010


#12823: Blog name is unnecessarily sanitized
--------------------------+-------------------------------------------------
 Reporter:  nbachiyski    |       Owner:                     
     Type:  defect (bug)  |      Status:  new                
 Priority:  high          |   Milestone:  3.0                
Component:  Multisite     |     Version:                     
 Severity:  normal        |    Keywords:  has-patch signup ux
--------------------------+-------------------------------------------------
 When validating a blog information on multisite signup the blog name is
 sanitized using {{{sanitize_user()}}}. After that there is a check if the
 blog name matches {{{[a-z0-9]+}}} and if it doesn't match it is rejected.

 In this case there is no need of sanitizing the blog name before the
 check. Also, sanitizing sometimes confuses users, because their blog name
 seems accepted, but in fact a modified version is used, not what they
 entered.

 For example, enter {{{bábá}}} as blog name and after sanitizing it will
 become {{{baba}}}. Or enter something in cyrillic like {{{баба}}}. After
 sanitization it will become an empty string and the error message will be
 as if you didn't enter anything.

 All these make for a confusing user experience.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/12823>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list