[wp-hackers] Maybe a secure-hole

Jeremy Clarke jer-wphackers at simianuprising.com
Thu Oct 9 20:51:28 GMT 2008

On Thu, Oct 9, 2008 at 4:43 PM, Otto <otto at ottodestruct.com> wrote:
> It was pointed out that it actually uses the user_nicename field,
> which is the sanitized version of the user_login field. Change the
> nicename = change the URL. Nicename is not editable anywhere though.
>> Why not just use a lowercase url-ized version of display name for
>> author urls?
> You could use the pre_user_nicename filter to change it to something else:
> function change_nicename($nicename) {
> return sanitize_title($_POST['display_name']);
> }
> add_filter('pre_user_nicename','change_nicename');
>> Last thing: Why is there no permalinks field for the author base?
> It's there, just has no option in the admin menus to edit it. Just
> change the global $wp_rewrite->author_base to whatever you want it to
> be.

Ugh. Thanks for the tips, both are good advice but in both cases I
would MUCH rather it be part of core so that I don't have to think
about it and worry about maintaining it going forward.

Jeremy Clarke
Code and Design | globalvoicesonline.org

More information about the wp-hackers mailing list