vdonchev/social_login.php Secret

## social_login.php
<?php
/** -----------------------------------------
  * Problem:
  * ----------------------------------------- */
$username = strtolower($user_profile['first_name'] . $user_profile['last_name']);
// We will end up with $username = "ИванИванов"
// As strtolower() is not working with multibyte character encoding it will do nothing in this case

$sanitized_user_login = sanitize_user($new_fb_settings['fb_user_prefix'] . $username);
// Now we have $sanitized_user_login = "fb-ИванИванов" - so far so goog

if (!validate_username($sanitized_user_login)) {
	// Validity check will fail because strict flag was not passed as a second argument to sanitize_user in the previous line,
	// but validate_username check against sanitize_user($name, true)

	$sanitized_user_login = sanitize_user('facebook' . $user_profile['id']);
	// So at this point we already have a not so good looking username $sanitized_user_login = "faceookID"
}

// more code


/** -----------------------------------------
  * Solution:
  * ----------------------------------------- */

// Demo setup:
$user_profile['first_name'] = "Иван";
$user_profile['last_name'] = "Иванов";

$new_fb_settings['fb_user_prefix'] = "fb-";
$new_fb_settings['fb_user_fallback'] = "member";

if (!isset($new_fb_settings['fb_user_prefix'])) {
    $new_fb_settings['fb_user_prefix'] = 'facebook-';
}

// Code
$username = strtolower($user_profile['first_name'] . "_" . $user_profile['last_name']);

$sanitized_user_login = sanitize_user($new_fb_settings['fb_user_prefix'] . $username, true); // do not forget to pass the strict flag (true)

// Let's replace the spaces and double underscores with underscore. Its much readable this way.
$sanitized_user_login = strtolower(preg_replace("/[\s_]+/", "_", $sanitized_user_login));

// If username consist of 100% non-latin characters, at this point we will end up with the prefix only.
if (trim($sanitized_user_login) === $new_fb_settings['fb_user_prefix']) {
    // Lets use the fallback name
    // It doesn't really matter if the fallback name is blank/set or not.
    $sanitized_user_login = $new_fb_settings['fb_user_prefix'] . $new_fb_settings['fb_user_fallback'];
}

$defaul_user_name = $sanitized_user_login;
$i = 1;
while (username_exists($sanitized_user_login)) {
    $sanitized_user_login = $defaul_user_name . $i;
    $i++;
}

// At this point, we will have fb-member as username for non-latin usernames
// If fb-member is existing: fb-member1 etc.
// But most importantly, we will cover edge cases like this: "Michael O'Reilly"
// Instead ending up with something like facebook12345678 we will end up with fb-michael_oreilly, fb-michael_oreilly1, fb-michael_oreilly2 etc...
	<?php
	/** -----------------------------------------
	* Problem:
	* ----------------------------------------- */
	$username = strtolower($user_profile['first_name'] . $user_profile['last_name']);
	// We will end up with $username = "ИванИванов"
	// As strtolower() is not working with multibyte character encoding it will do nothing in this case

	$sanitized_user_login = sanitize_user($new_fb_settings['fb_user_prefix'] . $username);
	// Now we have $sanitized_user_login = "fb-ИванИванов" - so far so goog

	if (!validate_username($sanitized_user_login)) {
	// Validity check will fail because strict flag was not passed as a second argument to sanitize_user in the previous line,
	// but validate_username check against sanitize_user($name, true)

	$sanitized_user_login = sanitize_user('facebook' . $user_profile['id']);
	// So at this point we already have a not so good looking username $sanitized_user_login = "faceookID"
	}

	// more code


	/** -----------------------------------------
	* Solution:
	* ----------------------------------------- */

	// Demo setup:
	$user_profile['first_name'] = "Иван";
	$user_profile['last_name'] = "Иванов";

	$new_fb_settings['fb_user_prefix'] = "fb-";
	$new_fb_settings['fb_user_fallback'] = "member";

	if (!isset($new_fb_settings['fb_user_prefix'])) {
	$new_fb_settings['fb_user_prefix'] = 'facebook-';
	}

	// Code
	$username = strtolower($user_profile['first_name'] . "_" . $user_profile['last_name']);

	$sanitized_user_login = sanitize_user($new_fb_settings['fb_user_prefix'] . $username, true); // do not forget to pass the strict flag (true)

	// Let's replace the spaces and double underscores with underscore. Its much readable this way.
	$sanitized_user_login = strtolower(preg_replace("/[\s_]+/", "_", $sanitized_user_login));

	// If username consist of 100% non-latin characters, at this point we will end up with the prefix only.
	if (trim($sanitized_user_login) === $new_fb_settings['fb_user_prefix']) {
	// Lets use the fallback name
	// It doesn't really matter if the fallback name is blank/set or not.
	$sanitized_user_login = $new_fb_settings['fb_user_prefix'] . $new_fb_settings['fb_user_fallback'];
	}

	$defaul_user_name = $sanitized_user_login;
	$i = 1;
	while (username_exists($sanitized_user_login)) {
	$sanitized_user_login = $defaul_user_name . $i;
	$i++;
	}

	// At this point, we will have fb-member as username for non-latin usernames
	// If fb-member is existing: fb-member1 etc.
	// But most importantly, we will cover edge cases like this: "Michael O'Reilly"
	// Instead ending up with something like facebook12345678 we will end up with fb-michael_oreilly, fb-michael_oreilly1, fb-michael_oreilly2 etc...