[Plugin: Events Manager] Bug in user name randomization (v5.2.5) | WordPress.org

Resolved der-burger
(@der-burger)

11 years, 7 months ago
Hello,
first of all thanks for the great plugin. I found a bug in the em-actions.php file (about line 250). The original is
```
$username_root = explode('@', $_REQUEST['user_email']);
$username_rand = $username_root[0].rand(1,1000);
while( username_exists($username_root[0].rand(1,1000)) ){
  $username_rand = $username_root[0].rand(1,1000);
}
```
The user name that is checked is not the user name that is used afterwards! It’s unlikely that this leads to conflicts, but it might happen. I corrected it like this in my installation, and implemented my original intent of providing a non-random user name if possible:
```
$username_root = explode('@', $_REQUEST['user_email']);
$username_rand = $username_root[0];
 while( username_exists($username_rand) ) {
  $username_rand = $username_root[0].rand(1,1000);
}
```
Have fun,
Markus

http://wordpress.org/extend/plugins/events-manager/

Viewing 1 replies (of 1 total)

Plugin Author Marcus (aka @msykes)
(@netweblogic)

11 years, 7 months ago

Thanks, you’re right and this is an improvement too! Will change this.

Viewing 1 replies (of 1 total)

The topic ‘[Plugin: Events Manager] Bug in user name randomization (v5.2.5)’ is closed to new replies.

In: Plugins
1 reply
2 participants
Last reply from: Marcus (aka @msykes)
Last activity: 11 years, 7 months ago
Status: resolved