[wpmu-trac] Re: [WordPress MU Trac] #680: Alphanumeric user name
may be too strong in wpmu_create_user
WordPress MU Trac
wpmu-trac at lists.automattic.com
Fri Jul 18 10:19:51 GMT 2008
#680: Alphanumeric user name may be too strong in wpmu_create_user
-------------------------------------------------+--------------------------
Reporter: ev3rywh3re | Owner: somebody
Type: defect | Status: closed
Priority: normal | Milestone:
Component: component1 | Version:
Severity: major | Resolution: fixed
Keywords: username, profile, wpmu_create_user |
-------------------------------------------------+--------------------------
Changes (by donncha):
* status: reopened => closed
* resolution: => fixed
Comment:
The intent is to make sure usernames and blognames are sane. Using an
email address as a blogname when using VHOSTs is a recipe for disaster as
the browser thinks you're logging in using http auth.
I've changed that line and a few other places to strictly sanitize the
blogname and username, but it will still exclude the @ if VHOSTs are
enabled.
--
Ticket URL: <http://trac.mu.wordpress.org/ticket/680#comment:3>
WordPress MU Trac <http://mu.wordpress.org/>
WordPress Multiuser
More information about the wpmu-trac
mailing list