WordPress.org
Get WordPress
WordPress.org

WordPress Developer Resources

WP_REST_Users_Controller::check_username()

WP_REST_Users_Controller::check_username( string $value, WP_REST_Request $request, string $param ): string|WP_Error

In this article

Back to top

Check a username for the REST API.

Description

Performs a couple of checks like edit_user() in wp-admin/includes/user.php.

Parameters

$valuestringrequired
The username submitted in the request.
$requestWP_REST_Requestrequired
Full details about the request.
$paramstringrequired
The parameter name.

Return

string|WP_Error The sanitized username, if valid, otherwise an error.

Source

public function check_username( $value, $request, $param ) {
	$username = (string) $value;

	if ( ! validate_username( $username ) ) {
		return new WP_Error(
			'rest_user_invalid_username',
			__( 'This username is invalid because it uses illegal characters. Please enter a valid username.' ),
			array( 'status' => 400 )
		);
	}

	/** This filter is documented in wp-includes/user.php */
	$illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );

	if ( in_array( strtolower( $username ), array_map( 'strtolower', $illegal_logins ), true ) ) {
		return new WP_Error(
			'rest_user_invalid_username',
			__( 'Sorry, that username is not allowed.' ),
			array( 'status' => 400 )
		);
	}

	return $username;
}

View all references View on Trac View on GitHub

Hooks

apply_filters( ‘illegal_user_logins’, array $usernames )

Filters the list of disallowed usernames.

UsesDescription
validate_username()wp-includes/user.php

Checks whether a username is valid.

__()wp-includes/l10n.php

Retrieves the translation of $text.

apply_filters()wp-includes/plugin.php

Calls the callback functions that have been added to a filter hook.

WP_Error::__construct()wp-includes/class-wp-error.php

Initializes the error.

Show 2 moreShow less

Changelog

VersionDescription
4.7.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.