Hyphens in usernames

Hello,

We are building a Wordpress network for a University and use LDAP allowing our students and staff to login to the Wordpress using their University usernames and passwords at sites.bishopg.ac.uk

I've just run into an issue though because some of the University usernames have a hyphen in them and WordPress does not allow this.

Some quick googling has turned up a suggested solution at http://christianvarga.com/allow-hyphenated-usernames-wordpress-multisite/

However, since my understanding of the code is limited I am hoping someone with some expertise here would review the code they are suggesting be added to functions.php and confirm that it looks safe and effective, I notice that wpmu is referenced in the code.

____

/**
* Allow hypenated usernames
*
* @wp-hook wpmu_validate_user_signup
* param array $result
* @return array
*/
function wpse_59760_allow_hyphenated_usernames( $result ) {
$error_name = $result[ 'errors' ]->get_error_message( 'user_name' );
if ( ! empty ( $error_name )
&& $error_name == __( 'Only lowercase letters (a-z) and numbers are allowed.' )
&& $result['user_name'] == $result['orig_username']
&& ! preg_match( '/[^-a-z0-9]/', $result['user_name'] )
) {
unset ( $result[ 'errors' ]->errors[ 'user_name' ] );
return $result;
}
else {
return $result;
}
}
add_filter( 'wpmu_validate_user_signup', 'wpse_59760_allow_hyphenated_usernames' );

________

Thanks for any help with this!

Ben

  • Bojan Radonic

    Hey there Ben,

    How are you doing today?

    I've checked the code and it looks pretty good aside from one thing, error name is not really matching the message you're getting now in the latest version of WordPress so I guess that changed in time. So with that change the following code works just fine on my test site:

    /**
     * Allow hypenated usernames
     *
     * @wp-hook wpmu_validate_user_signup
     * param   array $result
     * @return  array
     */
    function wpse_59760_allow_hyphenated_usernames( $result ) {
      $error_name = $result[ 'errors' ]->get_error_message( 'user_name' );
      if ( ! empty ( $error_name )
          && $error_name == __( 'Usernames can only contain lowercase letters (a-z) and numbers.' )
          && $result['user_name'] == $result['orig_username']
          && ! preg_match( '/[^-a-z0-9]/', $result['user_name'] )
      ) {
        unset ( $result[ 'errors' ]->errors[ 'user_name' ] );
        return $result;
      }
      else {
        return $result;
      }
    }
    add_filter( 'wpmu_validate_user_signup', 'wpse_59760_allow_hyphenated_usernames' );

    You can add it to your theme functions.php, ideally you'd want to add it to your child theme functions.php so you don't lose it first time you update the theme. Alternatively you can use mu plugin instead, you can find more information about that here https://premium.wpmudev.org/manuals/wpmu-manual-2/using-mu-plugins/.

    Hope this helps and have a great day!

    Cheers,
    Bojan

  • Ben

    Hi Bojan,

    I have been learning a bit more about mu plugins and considering the best way to proceed with this. My host, WP Engine told me that sometimes while providing support they run a script that erases the contents of mu plugins. Does that sound right? (it doesn't to me but my understanding is too limited to be a good judge)

    If that is the case, or for any other reason I decide to put it into a functions.php file of a theme, I am trying to figure out what theme to put it in. Would it be the theme used on the default site? At the moment, this is Scribe. And if I do add the code to the functions.php of the Scribe Theme on the network, then is there a chance that the code would get removed if the theme gets updated?

    An explanation about this would be really appreciated!

    Thanks,

    Ben

  • Bojan Radonic

    Hey again Ben,

    My host, WP Engine told me that sometimes while providing support they run a script that erases the contents of mu plugins. Does that sound right? (it doesn't to me but my understanding is too limited to be a good judge)

    To be completely honest I've never heard about this before, I don't see a reason for them to remove content from mu plugins unless this is some sort of security that they're trying to run but if somebody has access to your WP install to wp-content folder where mu plugins are what stops them from adding code to a theme that you're using or a plugin? mu plugins are there for a reason and they come really handy for what you're trying to add.

    With regards to where you need to add the code in your specific case mu-plugin would be the best option as this needs to work on all your subsites. Adding this to main site theme functions.php is not a good idea as this will not work on your subsites if these subsites are going to use different themes that have custom registrations of their own. So the most simple solution that will work across your network would be a mu-plugin.

    Another thing to think about is unless you're having child theme for each of those themes, code added in theme's functions.php will be overwritten with each update. With Upfront adding code like that is not possible as Scribe for example is already a child theme so creating a child of Scribe is not something that you can do.

    Hope this helps :slight_smile:

    Cheers,
    Bojan

  • Ben

    Hi Bojan,

    Thanks for your response. I wonder if the information that the WP Engine support agent gave me was accurate- it was only through a support chat.

    In any case, thinking through it further I have realised that the hyphenated usename issue is really only going to be for network admin, our users probably won't run into this on their own sites. I have added the code to the Theme's functions.php file and tested and it does seem to be working. I guess the worst case scenario with this is that the an update to the theme could wipe the code and we will have to re-add it back in again.

    Thanks very much for your support, it is much appreciated.

    Ben

  • Bojan Radonic

    Hey again Ben,

    I wonder if the information that the WP Engine support agent gave me was accurate- it was only through a support chat.

    Personally this doesn't make much sense to me but then again I'm nowhere close to being an expert with hosting providers and the ways they operate so I might be missing something here. The reason I say this is because mu-plugins are part of WordPress so randomly cleaning that up would be the same if someone would say we'll randomly remove code from your child theme functions.php.

    As an alternative you can try using the following plugin as well https://wordpress.org/plugins/code-snippets/. It should allow you to add custom PHP code from your admin panel which would make it safe with updates.

    Cheers,
    Bojan

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.