diff options
| -rw-r--r-- | actions/useradd.php | 13 | ||||
| -rw-r--r-- | engine/lib/users.php | 2 | ||||
| -rw-r--r-- | languages/en.php | 3 |
3 files changed, 16 insertions, 2 deletions
diff --git a/actions/useradd.php b/actions/useradd.php index 8e588d073..be08b4be5 100644 --- a/actions/useradd.php +++ b/actions/useradd.php @@ -20,11 +20,22 @@ if (is_array($admin)) { $admin = $admin[0]; } +// no blank fields +if ($username == '' || $password == '' || $password2 == '' || $email == '' || $name == '') { + register_error(elgg_echo('register:fields')); + forward(REFERER); +} + +if (strcmp($password, $password2) != 0) { + register_error(elgg_echo('RegistrationException:PasswordMismatch')); + forward(REFERER); +} + // For now, just try and register the user try { $guid = register_user($username, $password, $name, $email, TRUE); - if (((trim($password) != "") && (strcmp($password, $password2) == 0)) && ($guid)) { + if ($guid) { $new_user = get_entity($guid); if (($guid) && ($admin)) { $new_user->makeAdmin(); diff --git a/engine/lib/users.php b/engine/lib/users.php index 2d6b7cabd..ce1b409f6 100644 --- a/engine/lib/users.php +++ b/engine/lib/users.php @@ -813,6 +813,7 @@ function validate_username($username) { if ( preg_match($blacklist, $username) ) { + // @todo error message needs work throw new RegistrationException(elgg_echo('registration:invalidchars')); } @@ -823,6 +824,7 @@ function validate_username($username) { for ($n = 0; $n < strlen($blacklist2); $n++) { if (strpos($username, $blacklist2[$n]) !== false) { $msg = elgg_echo('registration:invalidchars', array($blacklist2[$n], $blacklist2)); + $msg = htmlentities($msg, ENT_COMPAT, 'UTF-8'); throw new RegistrationException($msg); } } diff --git a/languages/en.php b/languages/en.php index c4eb212c4..f1bc8e3b7 100644 --- a/languages/en.php +++ b/languages/en.php @@ -473,13 +473,14 @@ $english = array( 'registerok' => "You have successfully registered for %s.", 'registerbad' => "Your registration was unsuccessful because of an unknown error.", 'registerdisabled' => "Registration has been disabled by the system administrator", + 'register:fields' => 'All fields are required', 'registration:notemail' => 'The email address you provided does not appear to be a valid email address.', 'registration:userexists' => 'That username already exists', 'registration:usernametooshort' => 'Your username must be a minimum of %u characters long.', 'registration:passwordtooshort' => 'The password must be a minimum of %u characters long.', 'registration:dupeemail' => 'This email address has already been registered.', - 'registration:invalidchars' => 'Sorry, your username contains the following invalid character: %s. All of these characters are invalid: %s', + 'registration:invalidchars' => 'Sorry, your username contains the character %s which is invalid. The following characters are invalid: %s', 'registration:emailnotvalid' => 'Sorry, the email address you entered is invalid on this system', 'registration:passwordnotvalid' => 'Sorry, the password you entered is invalid on this system', 'registration:usernamenotvalid' => 'Sorry, the username you entered is invalid on this system', |