CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
sanitize_user example
function wp_authenticate( $username, $password ) {
$username = sanitize_user( $username );
$password = trim( $password );
/** * Filters whether a set of user login credentials are valid. * * A WP_User object is returned if the credentials authenticate a user. * WP_Error or null otherwise. * * @since 2.8.0 * @since 4.5.0 `$username` now accepts an email address. * * @param null|WP_User|WP_Error $user WP_User if the user is authenticated. * WP_Error or null otherwise. * @param string $username Username or email address. * @param string $password User password. */
function wp_normalize_site_data( $data ) {
// Sanitize domain if passed. if ( array_key_exists( 'domain', $data ) ) {
$data['domain'] = trim( $data['domain'] );
$data['domain'] = preg_replace( '/\s+/', '', sanitize_user( $data['domain'], true ) );
if ( is_subdomain_install() ) {
$data['domain'] = str_replace( '@', '', $data['domain'] );
}
}
// Sanitize path if passed. if ( array_key_exists( 'path', $data ) ) {
$data['path'] = trailingslashit( '/' . trim( $data['path'], '/' ) );
}
// Sanitize network ID if passed.
case 'login':
default:
$secure_cookie = '';
$customize_login = isset( $_REQUEST['customize-login'] );
if ( $customize_login ) {
wp_enqueue_script( 'customize-base' );
}
// If the user wants SSL but the session is not SSL, force a secure cookie. if ( ! empty( $_POST['log'] ) && ! force_ssl_admin() ) {
$user_name = sanitize_user( wp_unslash( $_POST['log'] ) );
$user = get_user_by( 'login', $user_name );
if ( ! $user && strpos( $user_name, '@' ) ) {
$user = get_user_by( 'email', $user_name );
}
if ( $user ) {
if ( get_user_option( 'use_ssl', $user->ID ) ) {
$secure_cookie = true;
force_ssl_admin( true );
}
}
default:
$secure_cookie = '';
$customize_login = isset( $_REQUEST['customize-login'] );
if ( $customize_login ) {
wp_enqueue_script( 'customize-base' );
}
// If the user wants SSL but the session is not SSL, force a secure cookie. if ( ! empty( $_POST['log'] ) && ! force_ssl_admin() ) {
$user_name = sanitize_user( wp_unslash( $_POST['log'] ) );
$user = get_user_by( 'login', $user_name );
if ( ! $user && strpos( $user_name, '@' ) ) {
$user = get_user_by( 'email', $user_name );
}
if ( $user ) {
if ( get_user_option( 'use_ssl', $user->ID ) ) {
$secure_cookie = true;
force_ssl_admin( true );
}
}
$db_field = 'ID';
break;
case 'slug':
$user_id = wp_cache_get( $value, 'userslugs' );
$db_field = 'user_nicename';
break;
case 'email':
$user_id = wp_cache_get( $value, 'useremail' );
$db_field = 'user_email';
break;
case 'login':
$value = sanitize_user( $value );
$user_id = wp_cache_get( $value, 'userlogins' );
$db_field = 'user_login';
break;
default:
return false;
}
if ( false !== $user_id ) {
$user = wp_cache_get( $user_id, 'users' );
if ( $user ) {
return $user;
}
break;
case 'slug':
$user_id = wp_cache_get( $value, 'userslugs' );
$db_field = 'user_nicename';
break;
case 'email':
$user_id = wp_cache_get( $value, 'useremail' );
$db_field = 'user_email';
break;
case 'login':
$value = sanitize_user( $value );
$user_id = wp_cache_get( $value, 'userlogins' );
$db_field = 'user_login';
break;
default:
return false;
}
if ( false !== $user_id ) {
$user = wp_cache_get( $user_id, 'users' );
if ( $user ) {
return $user;
}
wp_redirect( $redirect );
die();
}
} else {
// Adding a new user to this site. $new_user_email = wp_unslash( $_REQUEST['email'] );
$user_details = wpmu_validate_user_signup( $_REQUEST['user_login'], $new_user_email );
if ( is_wp_error( $user_details['errors'] ) && $user_details['errors']->has_errors() ) {
$add_user_errors = $user_details['errors'];
} else {
/** This filter is documented in wp-includes/user.php */
$new_user_login = apply_filters( 'pre_user_login', sanitize_user( wp_unslash( $_REQUEST['user_login'] ), true ) );
if ( isset( $_POST['noconfirmation'] ) && current_user_can( 'manage_network_users' ) ) {
add_filter( 'wpmu_signup_user_notification', '__return_false' ); // Disable confirmation email. add_filter( 'wpmu_welcome_user_notification', '__return_false' ); // Disable welcome email. }
wpmu_signup_user(
$new_user_login,
$new_user_email,
array(
'add_to_blog' => get_current_blog_id(),
'new_role' => $_REQUEST['role'],
)
);
die();
}
} else {
// Adding a new user to this site. $new_user_email = wp_unslash( $_REQUEST['email'] );
$user_details = wpmu_validate_user_signup( $_REQUEST['user_login'], $new_user_email );
if ( is_wp_error( $user_details['errors'] ) && $user_details['errors']->has_errors() ) {
$add_user_errors = $user_details['errors'];
} else {
/** This filter is documented in wp-includes/user.php */
$new_user_login = apply_filters( 'pre_user_login', sanitize_user( wp_unslash( $_REQUEST['user_login'] ), true ) );
if ( isset( $_POST['noconfirmation'] ) && current_user_can( 'manage_network_users' ) ) {
add_filter( 'wpmu_signup_user_notification', '__return_false' ); // Disable confirmation email. add_filter( 'wpmu_welcome_user_notification', '__return_false' ); // Disable welcome email. }
wpmu_signup_user(
$new_user_login,
$new_user_email,
array(
'add_to_blog' => get_current_blog_id(),
'new_role' => $_REQUEST['role'],
)
);
$user_id = (int) $user_id;
if ( $user_id ) {
$update = true;
$user->ID = $user_id;
$userdata = get_userdata( $user_id );
$user->user_login = wp_slash( $userdata->user_login );
} else {
$update = false;
}
if ( ! $update && isset( $_POST['user_login'] ) ) {
$user->user_login = sanitize_user( wp_unslash( $_POST['user_login'] ), true );
}
$pass1 = '';
$pass2 = '';
if ( isset( $_POST['pass1'] ) ) {
$pass1 = trim( $_POST['pass1'] );
}
if ( isset( $_POST['pass2'] ) ) {
$pass2 = trim( $_POST['pass2'] );
}
if ( $user_id ) {
$update = true;
$user->ID = $user_id;
$userdata = get_userdata( $user_id );
$user->user_login = wp_slash( $userdata->user_login );
} else {
$update = false;
}
if ( ! $update && isset( $_POST['user_login'] ) ) {
$user->user_login = sanitize_user( wp_unslash( $_POST['user_login'] ), true );
}
$pass1 = '';
$pass2 = '';
if ( isset( $_POST['pass1'] ) ) {
$pass1 = trim( $_POST['pass1'] );
}
if ( isset( $_POST['pass2'] ) ) {
$pass2 = trim( $_POST['pass2'] );
}
/**
* Checks whether a username is valid.
*
* @since 2.0.1
* @since 4.4.0 Empty sanitized usernames are now considered invalid.
*
* @param string $username Username.
* @return bool Whether username given is valid.
*/
function validate_username( $username ) {
$sanitized = sanitize_user( $username, true );
$valid = ( $sanitized == $username && ! empty( $sanitized ) );
/** * Filters whether the provided username is valid. * * @since 2.0.1 * * @param bool $valid Whether given username is valid. * @param string $username Username to check. */
return apply_filters( 'validate_username', $valid, $username );
}
function validate_username( $username ) {
$sanitized = sanitize_user( $username, true );
$valid = ( $sanitized == $username && ! empty( $sanitized ) );
/** * Filters whether the provided username is valid. * * @since 2.0.1 * * @param bool $valid Whether given username is valid. * @param string $username Username to check. */
return apply_filters( 'validate_username', $valid, $username );
}
<?php echo esc_attr( $weblog_title ); ?>" /></td>
</tr>
<tr>
<th scope="row"><label for="user_login"><?php _e( 'Username' ); ?></label></th>
<td>
<?php
if ( $user_table ) {
_e( 'User(s) already exists.' );
echo '<input name="user_name" type="hidden" value="admin" />';
} else {
?> <input name="user_name" type="text" id="user_login" size="25" aria-describedby="user-name-desc" value="<?php echo esc_attr( sanitize_user( $user_name, true ) ); ?>" /> <p id="user-name-desc"><?php _e( 'Usernames can have only alphanumeric characters, spaces, underscores, hyphens, periods, and the @ symbol.' ); ?></p> <?php }
?> </td> </tr> <?php if ( ! $user_table ) : ?> <tr class="form-field form-required user-pass1-wrap"> <th scope="row"> <label for="pass1"> <?php _e( 'Password' ); ?>
_e( 'User(s) already exists.' );
echo '<input name="user_name" type="hidden" value="admin" />';
} else {
?> <input name="user_name" type="text" id="user_login" size="25" aria-describedby="user-name-desc" value="<?php echo esc_attr( sanitize_user( $user_name, true ) ); ?>" /> <p id="user-name-desc"><?php _e( 'Usernames can have only alphanumeric characters, spaces, underscores, hyphens, periods, and the @ symbol.' ); ?></p> <?php }
?> </td> </tr> <?php if ( ! $user_table ) : ?> <tr class="form-field form-required user-pass1-wrap"> <th scope="row"> <label for="pass1"> <?php _e( 'Password' ); ?>
function wpmu_validate_user_signup( $user_name, $user_email ) {
global $wpdb;
$errors = new WP_Error();
$orig_username = $user_name;
$user_name = preg_replace( '/\s+/', '', sanitize_user( $user_name, true ) );
if ( $user_name != $orig_username || preg_match( '/[^a-z0-9]/', $user_name ) ) {
$errors->add( 'user_name', __( 'Usernames can only contain lowercase letters (a-z) and numbers.' ) );
$user_name = $orig_username;
}
$user_email = sanitize_email( $user_email );
if ( empty( $user_name ) ) {
$errors->add( 'user_name', __( 'Please enter a username.' ) );
}