From 14f39faab14db0fdeb470579434c8c59798edf71 Mon Sep 17 00:00:00 2001 From: Jeremy Felt Date: Sat, 4 Jul 2015 05:52:46 +0000 Subject: [PATCH] Usernames in multisite should be restricted to 60 characters or fewer. Only 60 characters can be stored in the database for a username, which could cause lookup issues when attempting to use similar usernames of extreme length. Props @DJPaul. See #17904, Fixes #26784. git-svn-id: https://develop.svn.wordpress.org/trunk@33083 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/ms-functions.php | 4 ++++ tests/phpunit/tests/multisite/wpmuValidateUserSignup.php | 1 + 2 files changed, 5 insertions(+) diff --git a/src/wp-includes/ms-functions.php b/src/wp-includes/ms-functions.php index 8493b40b36..487d8401e5 100644 --- a/src/wp-includes/ms-functions.php +++ b/src/wp-includes/ms-functions.php @@ -494,6 +494,10 @@ function wpmu_validate_user_signup($user_name, $user_email) { if ( strlen( $user_name ) < 4 ) $errors->add('user_name', __( 'Username must be at least 4 characters.' ) ); + if ( strlen( $user_name ) > 60 ) { + $errors->add( 'user_name', __( 'Username may not be longer than 60 characters.' ) ); + } + if ( strpos( $user_name, '_' ) !== false ) $errors->add( 'user_name', __( 'Sorry, usernames may not contain the character “_”!' ) ); diff --git a/tests/phpunit/tests/multisite/wpmuValidateUserSignup.php b/tests/phpunit/tests/multisite/wpmuValidateUserSignup.php index 914d938691..a368288d8c 100644 --- a/tests/phpunit/tests/multisite/wpmuValidateUserSignup.php +++ b/tests/phpunit/tests/multisite/wpmuValidateUserSignup.php @@ -26,6 +26,7 @@ class Tests_Multisite_WpmuValidateUserSignup extends WP_UnitTestCase { array( 'f', 'User names of 1 characters are not allowed.' ), array( 'f', 'User names of 1 characters are not allowed.' ), array( '12345', 'User names consisting only of numbers are not allowed.' ), + array( 'thisusernamecontainsenoughcharacterstobelongerthan60characters', 'User names longer than 60 characters are not allowed.' ), ); }