[wp-trac] [WordPress Trac] #16788: Ampersands in e-mail address become invalid
WordPress Trac
wp-trac at lists.automattic.com
Tue Mar 8 06:59:31 UTC 2011
#16788: Ampersands in e-mail address become invalid
--------------------------+------------------------------
Reporter: jfarthing84 | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Users | Version: 3.0.5
Severity: major | Resolution:
Keywords: dev-feedback |
--------------------------+------------------------------
Comment (by garyc40):
Network Users table don't have this issue. This is because in `class-wp-
users-list-table.php`, we `sanitize_user_object()` before outputting user
details, while in `class-wp-ms-users-list-table.php`, we don't. That being
said, I still think it's appropriate to sanitize user object in Network
Users table as well before printing out.
When user object is sanitized, `user_email` filter is applied on the
user's email. As a result, the email address is passed through
`sanitize_email()`, resulting in `t&est at eamann.com`. Now if you're in
the admin panel, `wp_filter_kses()` will further mutilate the email
address, resulting in `t&ampest at eamann.com`. See
[http://core.trac.wordpress.org/browser/trunk/wp-includes/default-
filters.php#L53 this code].
--
Ticket URL: <http://core.trac.wordpress.org/ticket/16788#comment:5>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list