wpmu_validate_user_signup() WordPress Function
The wpmu_validate_user_signup() function is used to validate a new user signup on a WordPress Multisite installation. This function checks the submitted user data for errors, and if any are found, returns an error object containing details about the error.
wpmu_validate_user_signup( string $user_name, string $user_email ) #
Sanitizes and validates data required for a user sign-up.
Description
Verifies the validity and uniqueness of user names and user email addresses, and checks email addresses against allowed and disallowed domains provided by administrators.
The ‘wpmu_validate_user_signup’ hook provides an easy way to modify the sign-up process. The value $result, which is passed to the hook, contains both the user-provided info and the error messages created by the function. ‘wpmu_validate_user_signup’ allows you to process the data in any way you’d like, and unset the relevant errors if necessary.
Parameters
- $user_name
(string)(Required)The login name provided by the user.
- $user_email
(string)(Required)The email provided by the user.
Return
(array) The array of user name, email, and the error messages.
Source
File: wp-includes/ms-functions.php
function wpmu_validate_user_signup( $user_name, $user_email ) { global $wpdb; $errors = new WP_Error(); $orig_username = $user_name; $user_name = preg_replace( '/\s+/', '', sanitize_user( $user_name, true ) ); if ( $user_name != $orig_username || preg_match( '/[^a-z0-9]/', $user_name ) ) { $errors->add( 'user_name', __( 'Usernames can only contain lowercase letters (a-z) and numbers.' ) ); $user_name = $orig_username; } $user_email = sanitize_email( $user_email ); if ( empty( $user_name ) ) { $errors->add( 'user_name', __( 'Please enter a username.' ) ); } $illegal_names = get_site_option( 'illegal_names' ); if ( ! is_array( $illegal_names ) ) { $illegal_names = array( 'www', 'web', 'root', 'admin', 'main', 'invite', 'administrator' ); add_site_option( 'illegal_names', $illegal_names ); } if ( in_array( $user_name, $illegal_names, true ) ) { $errors->add( 'user_name', __( 'Sorry, that username is not allowed.' ) ); } /** This filter is documented in wp-includes/user.php */ $illegal_logins = (array) apply_filters( 'illegal_user_logins', array() ); if ( in_array( strtolower( $user_name ), array_map( 'strtolower', $illegal_logins ), true ) ) { $errors->add( 'user_name', __( 'Sorry, that username is not allowed.' ) ); } if ( ! is_email( $user_email ) ) { $errors->add( 'user_email', __( 'Please enter a valid email address.' ) ); } elseif ( is_email_address_unsafe( $user_email ) ) { $errors->add( 'user_email', __( 'You cannot use that email address to signup. There are problems with them blocking some emails from WordPress. Please use another email provider.' ) ); } if ( strlen( $user_name ) < 4 ) { $errors->add( 'user_name', __( 'Username must be at least 4 characters.' ) ); } if ( strlen( $user_name ) > 60 ) { $errors->add( 'user_name', __( 'Username may not be longer than 60 characters.' ) ); } // All numeric? if ( preg_match( '/^[0-9]*$/', $user_name ) ) { $errors->add( 'user_name', __( 'Sorry, usernames must have letters too!' ) ); } $limited_email_domains = get_site_option( 'limited_email_domains' ); if ( is_array( $limited_email_domains ) && ! empty( $limited_email_domains ) ) { $limited_email_domains = array_map( 'strtolower', $limited_email_domains ); $emaildomain = strtolower( substr( $user_email, 1 + strpos( $user_email, '@' ) ) ); if ( ! in_array( $emaildomain, $limited_email_domains, true ) ) { $errors->add( 'user_email', __( 'Sorry, that email address is not allowed!' ) ); } } // Check if the username has been used already. if ( username_exists( $user_name ) ) { $errors->add( 'user_name', __( 'Sorry, that username already exists!' ) ); } // Check if the email address has been used already. if ( email_exists( $user_email ) ) { $errors->add( 'user_email', sprintf( /* translators: %s: Link to the login page. */ __( '<strong>Error:</strong> This email address is already registered. <a href="%s">Log in</a> with this address or choose another one.' ), wp_login_url() ) ); } // Has someone already signed up for this username? $signup = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->signups WHERE user_login = %s", $user_name ) ); if ( $signup instanceof stdClass ) { $registered_at = mysql2date( 'U', $signup->registered ); $now = time(); $diff = $now - $registered_at; // If registered more than two days ago, cancel registration and let this signup go through. if ( $diff > 2 * DAY_IN_SECONDS ) { $wpdb->delete( $wpdb->signups, array( 'user_login' => $user_name ) ); } else { $errors->add( 'user_name', __( 'That username is currently reserved but may be available in a couple of days.' ) ); } } $signup = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->signups WHERE user_email = %s", $user_email ) ); if ( $signup instanceof stdClass ) { $diff = time() - mysql2date( 'U', $signup->registered ); // If registered more than two days ago, cancel registration and let this signup go through. if ( $diff > 2 * DAY_IN_SECONDS ) { $wpdb->delete( $wpdb->signups, array( 'user_email' => $user_email ) ); } else { $errors->add( 'user_email', __( 'That email address has already been used. Please check your inbox for an activation email. It will become available in a couple of days if you do nothing.' ) ); } } $result = array( 'user_name' => $user_name, 'orig_username' => $orig_username, 'user_email' => $user_email, 'errors' => $errors, ); /** * Filters the validated user registration details. * * This does not allow you to override the username or email of the user during * registration. The values are solely used for validation and error handling. * * @since MU (3.0.0) * * @param array $result { * The array of user name, email, and the error messages. * * @type string $user_name Sanitized and unique username. * @type string $orig_username Original username. * @type string $user_email User email address. * @type WP_Error $errors WP_Error object containing any errors found. * } */ return apply_filters( 'wpmu_validate_user_signup', $result ); }
Expand full source codeCollapse full source codeView on TracView on GitHub
Changelog
Version | Description |
---|---|
MU (3.0.0) | Introduced. |