Navigation

← Previous Changeset
Next Changeset →

Changeset 3629

Timestamp:

03/07/06 05:59:28 (2 years ago)

Author:

ryan

Message:

Sanitize user_login in register form

Files:

trunk/wp-register.php (modified) (3 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

trunk/wp-register.php

r3541	r3629
26	26	} else if (!is_email($user_email)) {
27	27	$errors['user_email'] = __('<strong>ERROR</strong>: The email address isn’t correct.');
	28	$user_email = '';
28	29	}
29	30
30		if ( ! validate_username($user_login) )
	31	if ( ! validate_username($user_login) ) {
31	32	$errors['user_login'] = __('<strong>ERROR</strong>: This username is invalid. Please enter a valid username.');
	33	$user_login = '';
	34	}
32	35
33	36	if ( username_exists( $user_login ) )
…	…
66	69	<div id="login">
67	70	<h2><?php _e('Registration Complete') ?></h2>
68		<p><?php printf(__('Username: %s'), "<strong>~~$user_login~~</strong>") ?><br />
	71	<p><?php printf(__('Username: %s'), "<strong>" . wp_specialchars($user_login) . "</strong>") ?><br />
69	72	<?php printf(__('Password: %s'), '<strong>' . __('emailed to you') . '</strong>') ?> <br />
70		<?php printf(__('E-mail: %s'), "<strong>~~$user_email~~</strong>") ?></p>
	73	<?php printf(__('E-mail: %s'), "<strong>" . wp_specialchars($user_email) . "</strong>") ?></p>
71	74	<p class="submit"><a href="wp-login.php"><?php _e('Login »'); ?></a></p>
72	75	</div>
…	…
109	112	<form method="post" action="wp-register.php" id="registerform">
110	113	<p><input type="hidden" name="action" value="register" />
111		<label for="user_login"><?php _e('Username:') ?></label><br /> <input type="text" name="user_login" id="user_login" size="20" maxlength="20" value="<?php echo ~~$user_login~~; ?>" /><br /></p>
112		<p><label for="user_email"><?php _e('E-mail:') ?></label><br /> <input type="text" name="user_email" id="user_email" size="25" maxlength="100" value="<?php echo ~~$user_email~~; ?>" /></p>
	114	<label for="user_login"><?php _e('Username:') ?></label><br /> <input type="text" name="user_login" id="user_login" size="20" maxlength="20" value="<?php echo wp_specialchars($user_login); ?>" /><br /></p>
	115	<p><label for="user_email"><?php _e('E-mail:') ?></label><br /> <input type="text" name="user_email" id="user_email" size="25" maxlength="100" value="<?php echo wp_specialchars($user_email); ?>" /></p>
113	116	<p><?php _e('A password will be emailed to you.') ?></p>
114	117	<p class="submit"><input type="submit" value="<?php _e('Register »') ?>" id="submit" name="submit" /></p>

Navigation

Changeset 3629

Legend:

trunk/wp-register.php

Download in other formats: