Add some character restrictions to new usernames.
parent
9c0addc9dd
commit
ab832aec75
|
@ -9,6 +9,9 @@ $keys = unserialize(file_get_contents($keyfile));
|
||||||
$email_registry = $spooldir.'/email_registry.dat';
|
$email_registry = $spooldir.'/email_registry.dat';
|
||||||
unlink($_POST['captchaimage']);
|
unlink($_POST['captchaimage']);
|
||||||
|
|
||||||
|
$username_allowed_chars = "a-zA-Z0-9_.";
|
||||||
|
$clean_username = preg_replace("/[^$username_allowed_chars]/", "", $_POST['username']);
|
||||||
|
|
||||||
if((password_verify($keys[0],$_POST['key'])) || (password_verify($keys[1],$_POST['key']))) {
|
if((password_verify($keys[0],$_POST['key'])) || (password_verify($keys[1],$_POST['key']))) {
|
||||||
$auth_ok = true;
|
$auth_ok = true;
|
||||||
} else {
|
} else {
|
||||||
|
@ -172,6 +175,16 @@ if (empty($_POST['username'])) {
|
||||||
exit(2);
|
exit(2);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if($clean_username != $_POST['username']) {
|
||||||
|
echo "The username entered contains disallowed characters.<br />";
|
||||||
|
echo "Allowed characters:<br />letters, numbers, underscore, hypen, full stop<br /><br />";
|
||||||
|
echo '<form name="return1" method="post" action="register.php">';
|
||||||
|
echo '<input name="username" type="hidden" id="username" value="'.$clean_username.'" readonly="readonly">';
|
||||||
|
echo '<input name="user_email" type="hidden" id="user_email" value="'.$user_email.'" readonly="readonly">';
|
||||||
|
echo '<input type="submit" name="Submit" value="Please try again"></td>';
|
||||||
|
exit(2);
|
||||||
|
}
|
||||||
|
|
||||||
if (($_POST['password'] !== $_POST['password2']) || $_POST['password'] == '') {
|
if (($_POST['password'] !== $_POST['password2']) || $_POST['password'] == '') {
|
||||||
echo "Your passwords entered do not match\r\n";
|
echo "Your passwords entered do not match\r\n";
|
||||||
echo '<form name="return1" method="post" action="register.php">';
|
echo '<form name="return1" method="post" action="register.php">';
|
||||||
|
|
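Review bot: In the second hunk `$user_email` is echoed into the hidden field's `value` attribute unescaped; its assignment is outside the visible lines, so unless it is already sanitised there it should be written as `htmlspecialchars($user_email, ENT_QUOTES, 'UTF-8')`. The error text lists a hyphen as allowed, but `$username_allowed_chars = "a-zA-Z0-9_.";` contains none, so either the message or the class (e.g. `"a-zA-Z0-9_.-"`) needs to change. The check would be safer as `if (!is_string($_POST['username']) || $clean_username !== $_POST['username'])`, because `preg_replace` returns an array when the field arrives as `username[]` and the loose `!=` then compares two arrays. Separately, the context line `unlink($_POST['captchaimage']);` in the first hunk passes a request value straight to `unlink` and this commit leaves it as is; it should be constrained to a file name inside the captcha directory.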