[wp-trac] [WordPress Trac] #21730: More modular and reusable email validation functions

WordPress Trac wp-trac at lists.automattic.com
Wed Aug 29 16:04:04 UTC 2012 

#21730: More modular and reusable email validation functions
--------------------------+------------------------------------
 Reporter:  boonebgorges  |      Owner:
     Type:  enhancement   |     Status:  new
 Priority:  normal        |  Milestone:  Awaiting Review
Component:  Users         |    Version:
 Severity:  normal        |   Keywords:  has-patch dev-feedback
--------------------------+------------------------------------
 Email validation, especially as it's handled in Multisite (most of which
 is verbatim from MU), is pretty messy. We have some functions like
 `is_email_address_unsafe()` for checking banned domains, but we don't have
 a parallel function for checking against limited_email_domains. There are
 no filters outside of `wpmu_validate_user_signup`, which means that if you
 want to use email validation outside of the normal MS registration
 workflow and want to tweak the way that it works (see eg #15706, #20459),
 you pretty much have to roll your own. And there's no single function that
 a plugin like BuddyPress can use to do all relevant email checks in one
 fell swoop.

 The attached patch suggests the following changes:
 - Put the limited_email_domains check into a function,
 `is_email_address_allowed()`.
 - Put filters on the output of this new function as well as
 `is_email_address_unsafe()`.
 - Introduce function wp_validate_email_address(), which wraps the
 following four checks: is_email(), email_exists(),
 is_email_address_allowed(), is_email_address_unsafe().
 - Rearranges `wpmu_validate_user_signup()` a bit so that all email checks
 (as opposed to username checks) happen together.

 I'm not married to anything in this particular implementation (the way
 that wp_validate_email_address() sends back error messages is not
 particularly beautiful, but I didn't want to introduce a ton of overhead),
 but I would really like to see some sort of treatment along these lines,
 to make things more modular and reusable.

 If something like this gets approved by the devs, I would like to further
 suggest the following:
 - Give a similar treatment to username validation
 - Move the generic validation functions out of ms-functions.php (with
 function_exists() checks on the MS-specific stuff)

 I'm happy to work more on this kind of patch, but didn't want to go too
 far in case it's a non-starter for some reason.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/21730>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list