[wp-hackers] Loosening username restrictions in plugin?
Alan J Castonguay
alan at verselogic.net
Thu Oct 26 04:57:20 GMT 2006
I'm working on a plugin (wpopenid) that does user registration. I
want to permit urls in the username slug (or most of a url, this is a
vanity issue).
In wp_insert_user(), sanitize_user( $username, true ) is called,
which strips all sorts of interesting characters from the name, under
the claim "If strict, reduce to ASCII for max portability". Is there
a compulsive reason to avoid relaxing this restriction to
sanitize_user( $username, false )?
If not, I'm planning on making a recursive call to sanitize_user() ala:
sanitize_user() calls
> return apply_filters('sanitize_user', $username, $raw_username,
$strict);
add_filter('sanitize_user', 'destrict_username', 2, 3);
function destruct_username( $username, $raw_username, $strict ) {
if( $strict && $some_flag_in_my_plugin ) return sanitize_user
( $raw_username, false )
return $username;
}
Does anyone see a problem with this train of thought?
Alan J Castonguay
More information about the wp-hackers
mailing list