[wp-trac] [WordPress Trac] #12823: Blog name is unnecessarily sanitized
WordPress Trac
wp-trac at lists.automattic.com
Fri Apr 2 21:21:54 UTC 2010
#12823: Blog name is unnecessarily sanitized
--------------------------+-------------------------------------------------
Reporter: nbachiyski | Owner:
Type: defect (bug) | Status: new
Priority: high | Milestone: 3.0
Component: Multisite | Version:
Severity: normal | Keywords: has-patch signup ux
--------------------------+-------------------------------------------------
When validating a blog information on multisite signup the blog name is
sanitized using {{{sanitize_user()}}}. After that there is a check if the
blog name matches {{{[a-z0-9]+}}} and if it doesn't match it is rejected.
In this case there is no need of sanitizing the blog name before the
check. Also, sanitizing sometimes confuses users, because their blog name
seems accepted, but in fact a modified version is used, not what they
entered.
For example, enter {{{bábá}}} as blog name and after sanitizing it will
become {{{baba}}}. Or enter something in cyrillic like {{{баба}}}. After
sanitization it will become an empty string and the error message will be
as if you didn't enter anything.
All these make for a confusing user experience.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/12823>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list