diff options
author | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-06-11 18:39:02 +0000 |
---|---|---|
committer | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-06-11 18:39:02 +0000 |
commit | d27adda39ec2b13f0a6bcdbb6d47f8c1d22effc4 (patch) | |
tree | 62228db2e3576c654b0fb7126aff812e9c588951 | |
parent | ddd899baed4b54ece6a59d4a2c83b7dcc8559af0 (diff) | |
download | elgg-d27adda39ec2b13f0a6bcdbb6d47f8c1d22effc4.tar.gz elgg-d27adda39ec2b13f0a6bcdbb6d47f8c1d22effc4.tar.bz2 |
Block URL unsafe characters from username
git-svn-id: https://code.elgg.org/elgg/trunk@3327 36083f99-b078-4883-b0ff-0f9b5a30f544
-rw-r--r-- | engine/lib/users.php | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/engine/lib/users.php b/engine/lib/users.php index 6b16e5e69..85056269b 100644 --- a/engine/lib/users.php +++ b/engine/lib/users.php @@ -1149,7 +1149,10 @@ (strpos($username, '\'')!==false) ||
(strpos($username, '*')!==false) ||
(strpos($username, '&')!==false) ||
- (strpos($username, ' ')!==false)
+ (strpos($username, ' ')!==false) || + (strpos($username, '?')!==false) || + (strpos($username, '#')!==false) || + (strpos($username, '%')!==false)
)
throw new RegistrationException(elgg_echo('registration:invalidchars'));
|