From 7bf795a715ffe0e544462ceaff78c241f98c204f Mon Sep 17 00:00:00 2001
From: jverber <jverber@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Mon, 14 Jun 2004 14:58:10 +0000
Subject: [PATCH] Fixes for user websites (bugs #0000025 and #0000050) and fix
 line breaks for profile.php and users.php

git-svn-id: http://svn.automattic.com/wordpress/trunk@1422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-admin/profile.php | 1 +
 wp-admin/users.php   | 7 +++++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/wp-admin/profile.php b/wp-admin/profile.php
index 492a46e27..41481d8a0 100644
--- a/wp-admin/profile.php
+++ b/wp-admin/profile.php
@@ -93,6 +93,7 @@ case 'update':
 	$newuser_yim=addslashes(stripslashes($_POST['newuser_yim']));
 	$newuser_email=addslashes(stripslashes($_POST['newuser_email']));
 	$newuser_url=addslashes(stripslashes($_POST['newuser_url']));
+	$newuser_url = preg_match('/^(https?|ftps?|mailto|news|gopher):/is', $newuser_url) ? $newuser_url : 'http://' . $newuser_url; 
 	$newuser_idmode=addslashes(stripslashes($_POST['newuser_idmode']));
 	$user_description = addslashes(stripslashes($_POST['user_description']));
 
diff --git a/wp-admin/users.php b/wp-admin/users.php
index 8a93c0e68..3ffd22646 100644
--- a/wp-admin/users.php
+++ b/wp-admin/users.php
@@ -37,6 +37,7 @@ case 'adduser':
 	$user_email = $_POST['email'];
 	$user_firstname = $_POST['firstname'];
 	$user_lastname = $_POST['lastname'];
+	$user_uri = $_POST['uri'];
 		
 	/* checking login has been typed */
 	if ($user_login == '') {
@@ -75,13 +76,15 @@ case 'adduser':
     $user_nicename = sanitize_title($user_nickname);
 	$user_firstname = addslashes(stripslashes($user_firstname));
 	$user_lastname = addslashes(stripslashes($user_lastname));
+	$user_uri = addslashes(stripslashes($user_uri));
+	$user_uri = preg_match('/^(https?|ftps?|mailto|news|gopher):/is', $user_uri) ? $user_uri : 'http://' . $user_uri;
 	$now = gmdate('Y-m-d H:i:s');
 	$new_users_can_blog = get_settings('new_users_can_blog');
 
 	$result = $wpdb->query("INSERT INTO $wpdb->users 
-		(user_login, user_pass, user_nickname, user_email, user_ip, user_domain, user_browser, dateYMDhour, user_level, user_idmode, user_firstname, user_lastname, user_nicename)
+		(user_login, user_pass, user_nickname, user_email, user_ip, user_domain, user_browser, dateYMDhour, user_level, user_idmode, user_firstname, user_lastname, user_nicename, user_url)
 	VALUES 
-		('$user_login', MD5('$pass1'), '$user_nickname', '$user_email', '$user_ip', '$user_domain', '$user_browser', '$now', '$new_users_can_blog', 'nickname', '$user_firstname', '$user_lastname', '$user_nicename')");
+		('$user_login', MD5('$pass1'), '$user_nickname', '$user_email', '$user_ip', '$user_domain', '$user_browser', '$now', '$new_users_can_blog', 'nickname', '$user_firstname', '$user_lastname', '$user_nicename', '$user_uri')");
 	
 	if ($result == false) {
 		die (__('<strong>ERROR</strong>: Couldn&#8217;t register you!'));