Making WordPress.org

Changeset 10990


Ignore:
Timestamp:
05/21/2021 06:12:00 AM (3 years ago)
Author:
dd32
Message:

Registration: When changing the email, ensure that it gets trimmed properly.

Follow up to r10981.
See #5181.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/functions-registration.php

    r10981 r10990  
    359359
    360360    $updated_email = false;
     361    $new_email     = trim( wp_unslash( $_POST['user_email'] ?? '' ) );
    361362    if (
    362363        'pending' === $state &&
    363364        empty( $pending_user['meta']['changed_email'] ) && // Only if they've not changed it before.
    364         ! empty( $_POST['user_email'] ) &&
    365         wp_unslash( $_POST['user_email'] ) !== $pending_user['user_email']
     365        $new_email &&
     366        $new_email !== $pending_user['user_email']
    366367    ) {
    367368        // Validate the email
    368         $error_user_email = rest_do_request( new WP_REST_Request( 'GET', '/wporg/v1/email-in-use/' . wp_unslash( $_POST['user_email'] ) ) );
     369        $error_user_email = rest_do_request( new WP_REST_Request( 'GET', '/wporg/v1/email-in-use/' . $new_email ) );
    369370        if ( $error_user_email->get_data()['available'] ) {
    370371            // Change their email, resend confirmation.
    371372            $pending_user['meta']['changed_email'] = $pending_user['user_email'];
    372             $pending_user['user_email']            = wp_unslash( $_POST['user_email'] );
     373            $pending_user['user_email']            = $new_email;
    373374            $pending_user['user_activation_key']   = ''; // Clear any existing email hash.
    374375            $updated_email                         = true;
Note: See TracChangeset for help on using the changeset viewer.