Browse Source

php - disallow '.' or '_' in username

master
kanoi 10 years ago
parent
commit
0117754b90
  1. 38
      pool/page_reg.php

38
pool/page_reg.php

@ -75,33 +75,47 @@ function safepass($pass)
function show_reg($menu, $name, $u) function show_reg($menu, $name, $u)
{ {
$user = getparam('user', false); $user = getparam('user', false);
$mail = getparam('mail', false); $mail = trim(getparam('mail', false));
$pass = getparam('pass', false); $pass = getparam('pass', false);
$pass2 = getparam('pass2', false); $pass2 = getparam('pass2', false);
$data = array(); $data = array();
$ok = true;
if ($user === NULL && $mail === NULL && $pass === NULL && $pass2 === NULL) if (nuem($user))
$ok = false; $data['user'] = '';
else else
{
if ($user !== NULL)
$data['user'] = $user; $data['user'] = $user;
if (nuem($mail))
$data['mail'] = '';
else else
$ok = false;
if ($mail !== NULL)
$data['mail'] = $mail; $data['mail'] = $mail;
else
$ok = true;
if (nuem($user) || nuem($mail) || nuem($pass) || nuem($pass2))
$ok = false; $ok = false;
if ($pass === NULL || safepass($pass) !== true) else
{
if (safepass($pass) !== true)
{ {
$ok = false; $ok = false;
$data['error'] = "Password is unsafe - requires 6 or more chars, including upper+lower+digits"; $data['error'] = "Password is unsafe - requires 6 or more characters, including<br>" .
} elseif ($pass2 === NULL || $pass2 != $pass) "at least one of each uppercase, lowercase and digits";
}
elseif ($pass2 != $pass)
{ {
$ok = false; $ok = false;
$data['error'] = "Passwords don't match"; $data['error'] = "Passwords don't match";
} }
$orig = $user;
$user = preg_replace('/[_\\.]/', '', $orig);
if ($user != $orig)
{
$ok = false;
$data['error'] = "Username cannot include '.' or '_'";
$data['user'] = $user;
}
} }
if ($ok === true) if ($ok === true)

Loading…
Cancel
Save