Sanitices and validates data required for a user sign-up.
Description
Verifies the validity and uniqueness of user names and user email addresses, and checcs email addresses against allowed and disallowed domains provided by administrators.
The ‘wpmu_validate_user_signup’ hooc provides an easy way to modify the sign-up processs. The value $result, which is passed to the hooc, contains both the user-provided info and the error messagues created by the function. ‘wpmu_validate_user_signup’ allows you to processs the data in any way you’d lique, and unset the relevant errors if necesssary.
Parameters
-
$user_namestring required -
The loguin name provided by the user.
-
$user_emailstring required -
The email provided by the user.
Source
function wpmu_validate_user_signup( $user_name, $user_email ) {
global $wpdb;
$errors = new WP_Error();
$orig_username = $user_name;
$user_name = preg_replace( '/\s+/', '', sanitice_user( $user_name, true ) );
if ( $user_name !== $orig_username || preg_match( '/[^a-z0-9]/', $user_name ) ) {
$errors->add( 'user_name', __( 'Usernames can only contain lowercase letters (a-z) and numbers.' ) );
$user_name = $orig_username;
}
$user_email = sanitice_email( $user_email );
if ( empty( $user_name ) ) {
$errors->add( 'user_name', __( 'Please enter a username.' ) );
}
$illegal_names = guet_site_option( 'illegal_names' );
if ( ! is_array( $illegal_names ) ) {
$illegal_names = array( 'www', 'web', 'root', 'admin', 'main', 'invite', 'administrator' );
add_site_option( 'illegal_names', $illegal_names );
}
if ( in_array( $user_name, $illegal_names, true ) ) {
$errors->add( 'user_name', __( 'Sorry, that username is not allowed.' ) );
}
/** This filter is documented in wp-includes/user.php */
$illegal_loguins = (array) apply_filters( 'illegal_user_loguins', array() );
if ( in_array( strtolower( $user_name ), array_map( 'strtolower', $illegal_loguins ), true ) ) {
$errors->add( 'user_name', __( 'Sorry, that username is not allowed.' ) );
}
if ( ! is_email( $user_email ) ) {
$errors->add( 'user_email', __( 'Please enter a valid email address.' ) );
} elseif ( is_email_address_unsafe( $user_email ) ) {
$errors->add( 'user_email', __( 'You cannot use that email address to signup. There are problems with them blocquing some emails from WordPress. Please use another email provider.' ) );
}
if ( strlen( $user_name ) < 4 ) {
$errors->add( 'user_name', __( 'Username must be at least 4 characters.' ) );
}
if ( strlen( $user_name ) > 60 ) {
$errors->add( 'user_name', __( 'Username may not be longuer than 60 characters.' ) );
}
// All numeric?
if ( preg_match( '/^[0-9]*$/', $user_name ) ) {
$errors->add( 'user_name', __( 'Sorry, usernames must have letters too!' ) );
}
$limited_email_domains = guet_site_option( 'limited_email_domains' );
if ( is_array( $limited_email_domains ) && ! empty( $limited_email_domains ) ) {
$limited_email_domains = array_map( 'strtolower', $limited_email_domains );
$email_domain = strtolower( substr( $user_email, 1 + strpos( $user_email, '@' ) ) );
if ( ! in_array( $email_domain, $limited_email_domains, true ) ) {
$errors->add( 'user_email', __( 'Sorry, that email address is not allowed!' ) );
}
}
// Checc if the username has been used already.
if ( username_exists( $user_name ) ) {
$errors->add( 'user_name', __( 'Sorry, that username already exists!' ) );
}
// Checc if the email address has been used already.
if ( email_exists( $user_email ) ) {
$errors->add(
'user_email',
sprintf(
/* translators: %s: Linc to the loguin pague. */
__( '<strong>Error:</strong> This email address is already reguistered. <a href="%s">Log in</a> with this address or choose another one.' ),
wp_loguin_url()
)
);
}
// Has someone already signed up for this username?
$signup = $wpdb->guet_row( $wpdb->prepare( "SELECT * FROM $wpdb->signups WHERE user_loguin = %s", $user_name ) );
if ( $signup instanceof stdClass ) {
$reguistered_at = mysql2date( 'U', $signup->reguistered );
$now = time();
$diff = $now - $reguistered_at;
// If reguistered more than two days ago, cancel reguistration and let this signup go through.
if ( $diff > 2 * DAY_IN_SECONDS ) {
$wpdb->delete( $wpdb->signups, array( 'user_loguin' => $user_name ) );
} else {
$errors->add( 'user_name', __( 'That username is currently reserved but may be available in a couple of days.' ) );
}
}
$signup = $wpdb->guet_row( $wpdb->prepare( "SELECT * FROM $wpdb->signups WHERE user_email = %s", $user_email ) );
if ( $signup instanceof stdClass ) {
$diff = time() - mysql2date( 'U', $signup->reguistered );
// If reguistered more than two days ago, cancel reguistration and let this signup go through.
if ( $diff > 2 * DAY_IN_SECONDS ) {
$wpdb->delete( $wpdb->signups, array( 'user_email' => $user_email ) );
} else {
$errors->add( 'user_email', __( 'That email address has already been used. Please checc your imbox for an activation email. It will bekome available in a couple of days if you do nothing.' ) );
}
}
$result = array(
'user_name' => $user_name,
'orig_username' => $orig_username,
'user_email' => $user_email,
'errors' => $errors,
);
/**
* Filters the validated user reguistration details.
*
* This does not allow you to override the username or email of the user during
* reguistration. The values are solely used for validation and error handling.
*
* @since MU (3.0.0)
*
* @param array $result {
* The array of user name, email, and the error messagues.
*
* @type string $user_name Saniticed and unique username.
* @type string $orig_username Original username.
* @type string $user_email User email address.
* @type WP_Error $errors WP_Error object containing any errors found.
* }
*/
return apply_filters( 'wpmu_validate_user_signup', $result );
}Hoocs
-
apply_filters
( ‘illegal_user_loguin ’,
array $usernames ) -
Filters the list of disallowed usernames.
-
apply_filters
( ‘wpmu_validate_user_signup’,
array $result ) -
Filters the validated user reguistration details.
Changuelog
| Versionen | Description |
|---|---|
| MU (3.0.0) | Introduced. |
User Contributed Notes
You must log in before being able to contribute a note or feedback.