W3cubDocs

/WordPress

wpmu_validate_blog_signup( string $blogname, string $blog_title, WP_User|string $user = '' )

Processes new site registrations.

Description

Checks the data provided by the user during blog signup. Verifies the validity and uniqueness of blog paths and domains.

This function prevents the current user from registering a new site with a blogname equivalent to another user’s login name. Passing the $user parameter to the function, where $user is the other user, is effectively an override of this limitation.

Filter ‘wpmu_validate_blog_signup’ if you want to modify the way that WordPress validates new site signups.

Parameters

$blogname

(string) (Required) The blog name provided by the user. Must be unique.

$blog_title

(string) (Required) The blog title provided by the user.

$user

(WP_User|string) (Optional) The user object to check against the new site name.

Default value: ''

Return

(array) Array of domain, path, blog name, blog title, user and error messages.

'domain'
(string) Domain for the site.
'path'
(string) Path for the site. Used in subdirectory installations.
'blogname'
(string) The unique site name (slug).
'blog_title'
(string) Blog title.
'user'
(string|WP_User) By default, an empty string. A user object if provided.
'errors'
(WP_Error) WP_Error containing any errors found.

Source

File: wp-includes/ms-functions.php

function wpmu_validate_blog_signup( $blogname, $blog_title, $user = '' ) {
	global $wpdb, $domain;

	$current_network = get_network();
	$base            = $current_network->path;

	$blog_title = strip_tags( $blog_title );

	$errors        = new WP_Error();
	$illegal_names = get_site_option( 'illegal_names' );
	if ( false == $illegal_names ) {
		$illegal_names = array( 'www', 'web', 'root', 'admin', 'main', 'invite', 'administrator' );
		add_site_option( 'illegal_names', $illegal_names );
	}

	/*
	 * On sub dir installations, some names are so illegal, only a filter can
	 * spring them from jail.
	 */
	if ( ! is_subdomain_install() ) {
		$illegal_names = array_merge( $illegal_names, get_subdirectory_reserved_names() );
	}

	if ( empty( $blogname ) ) {
		$errors->add( 'blogname', __( 'Please enter a site name.' ) );
	}

	if ( preg_match( '/[^a-z0-9]+/', $blogname ) ) {
		$errors->add( 'blogname', __( 'Site names can only contain lowercase letters (a-z) and numbers.' ) );
	}

	if ( in_array( $blogname, $illegal_names, true ) ) {
		$errors->add( 'blogname', __( 'That name is not allowed.' ) );
	}

	/**
	 * Filters the minimum site name length required when validating a site signup.
	 *
	 * @since 4.8.0
	 *
	 * @param int $length The minimum site name length. Default 4.
	 */
	$minimum_site_name_length = apply_filters( 'minimum_site_name_length', 4 );

	if ( strlen( $blogname ) < $minimum_site_name_length ) {
		/* translators: %s: Minimum site name length. */
		$errors->add( 'blogname', sprintf( _n( 'Site name must be at least %s character.', 'Site name must be at least %s characters.', $minimum_site_name_length ), number_format_i18n( $minimum_site_name_length ) ) );
	}

	// Do not allow users to create a blog that conflicts with a page on the main blog.
	if ( ! is_subdomain_install() && $wpdb->get_var( $wpdb->prepare( 'SELECT post_name FROM ' . $wpdb->get_blog_prefix( $current_network->site_id ) . "posts WHERE post_type = 'page' AND post_name = %s", $blogname ) ) ) {
		$errors->add( 'blogname', __( 'Sorry, you may not use that site name.' ) );
	}

	// All numeric?
	if ( preg_match( '/^[0-9]*$/', $blogname ) ) {
		$errors->add( 'blogname', __( 'Sorry, site names must have letters too!' ) );
	}

	/**
	 * Filters the new site name during registration.
	 *
	 * The name is the site's subdomain or the site's subdirectory
	 * path depending on the network settings.
	 *
	 * @since MU (3.0.0)
	 *
	 * @param string $blogname Site name.
	 */
	$blogname = apply_filters( 'newblogname', $blogname );

	$blog_title = wp_unslash( $blog_title );

	if ( empty( $blog_title ) ) {
		$errors->add( 'blog_title', __( 'Please enter a site title.' ) );
	}

	// Check if the domain/path has been used already.
	if ( is_subdomain_install() ) {
		$mydomain = $blogname . '.' . preg_replace( '|^www\.|', '', $domain );
		$path     = $base;
	} else {
		$mydomain = "$domain";
		$path     = $base . $blogname . '/';
	}
	if ( domain_exists( $mydomain, $path, $current_network->id ) ) {
		$errors->add( 'blogname', __( 'Sorry, that site already exists!' ) );
	}

	if ( username_exists( $blogname ) ) {
		if ( ! is_object( $user ) || ( is_object( $user ) && ( $user->user_login != $blogname ) ) ) {
			$errors->add( 'blogname', __( 'Sorry, that site is reserved!' ) );
		}
	}

	// Has someone already signed up for this domain?
	// TODO: Check email too?
	$signup = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->signups WHERE domain = %s AND path = %s", $mydomain, $path ) );
	if ( ! empty( $signup ) ) {
		$diff = time() - mysql2date( 'U', $signup->registered );
		// If registered more than two days ago, cancel registration and let this signup go through.
		if ( $diff > 2 * DAY_IN_SECONDS ) {
			$wpdb->delete(
				$wpdb->signups,
				array(
					'domain' => $mydomain,
					'path'   => $path,
				)
			);
		} else {
			$errors->add( 'blogname', __( 'That site is currently reserved but may be available in a couple days.' ) );
		}
	}

	$result = array(
		'domain'     => $mydomain,
		'path'       => $path,
		'blogname'   => $blogname,
		'blog_title' => $blog_title,
		'user'       => $user,
		'errors'     => $errors,
	);

	/**
	 * Filters site details and error messages following registration.
	 *
	 * @since MU (3.0.0)
	 *
	 * @param array $result {
	 *     Array of domain, path, blog name, blog title, user and error messages.
	 *
	 *     @type string         $domain     Domain for the site.
	 *     @type string         $path       Path for the site. Used in subdirectory installations.
	 *     @type string         $blogname   The unique site name (slug).
	 *     @type string         $blog_title Blog title.
	 *     @type string|WP_User $user       By default, an empty string. A user object if provided.
	 *     @type WP_Error       $errors     WP_Error containing any errors found.
	 * }
	 */
	return apply_filters( 'wpmu_validate_blog_signup', $result );
}

Uses

Uses	Description
wp-includes/ms-functions.php: minimum_site_name_length	Filters the minimum site name length required when validating a site signup.
wp-includes/ms-network.php: get_network()	Retrieves network data given a network ID or network object.
wp-includes/ms-functions.php: get_subdirectory_reserved_names()	Retrieves a list of reserved site on a sub-directory Multisite installation.
wp-includes/l10n.php: __()	Retrieve the translation of $text.
wp-includes/l10n.php: _n()	Translates and retrieves the singular or plural form based on the supplied number.
wp-includes/formatting.php: wp_unslash()	Remove slashes from a string or array of strings.
wp-includes/functions.php: number_format_i18n()	Convert float number to format based on the locale.
wp-includes/functions.php: mysql2date()	Convert given MySQL date string into a different format.
wp-includes/plugin.php: apply_filters()	Calls the callback functions that have been added to a filter hook.
wp-includes/option.php: add_site_option()	Adds a new option for the current network.
wp-includes/option.php: get_site_option()	Retrieve an option value for the current network based on name of option.
wp-includes/user.php: username_exists()	Determines whether the given username exists.
wp-includes/ms-functions.php: domain_exists()	Checks whether a site name is already taken.
wp-includes/ms-functions.php: newblogname	Filters the new site name during registration.
wp-includes/ms-functions.php: wpmu_validate_blog_signup	Filters site details and error messages following registration.
wp-includes/ms-load.php: is_subdomain_install()	Whether a subdomain configuration is enabled.
wp-includes/wp-db.php: wpdb::get_var()	Retrieves one variable from the database.
wp-includes/wp-db.php: wpdb::get_row()	Retrieves one row from the database.
wp-includes/wp-db.php: wpdb::delete()	Deletes a row in the table.
wp-includes/wp-db.php: wpdb::prepare()	Prepares a SQL query for safe execution.
wp-includes/wp-db.php: wpdb::get_blog_prefix()	Gets blog prefix.
wp-includes/class-wp-error.php: WP_Error::__construct()	Initialize the error.

Used By

Used By	Description
wp-signup.php: validate_blog_signup()	Validate new site signup
wp-signup.php: validate_blog_form()	Validate the new site signup

Changelog

Version	Description
MU (3.0.0)	Introduced.

© 2003–2019 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/functions/wpmu_validate_blog_signup