[Plugin: Events Manager] Bug in user name randomization (v5.2.5)
-
Hello,
first of all thanks for the great plugin. I found a bug in the em-actions.php file (about line 250). The original is$username_root = explode('@', $_REQUEST['user_email']); $username_rand = $username_root[0].rand(1,1000); while( username_exists($username_root[0].rand(1,1000)) ){ $username_rand = $username_root[0].rand(1,1000); }
The user name that is checked is not the user name that is used afterwards! It’s unlikely that this leads to conflicts, but it might happen. I corrected it like this in my installation, and implemented my original intent of providing a non-random user name if possible:
$username_root = explode('@', $_REQUEST['user_email']); $username_rand = $username_root[0]; while( username_exists($username_rand) ) { $username_rand = $username_root[0].rand(1,1000); }
Have fun,
Markus
Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
- The topic ‘[Plugin: Events Manager] Bug in user name randomization (v5.2.5)’ is closed to new replies.