summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--register.php4
-rw-r--r--services/userservice.php12
2 files changed, 16 insertions, 0 deletions
diff --git a/register.php b/register.php
index e60a686..b70d724 100644
--- a/register.php
+++ b/register.php
@@ -39,6 +39,10 @@ if (isset($_POST['submitted'])) {
// Check if username already exists
} elseif ($userservice->getUserByUsername($posteduser)) {
$tplVars['error'] = T_('This username already exists, please make another choice.');
+
+ // Check if username is valid (length, authorized characters)
+ } elseif (!$userservice->isValidUsername($posteduser)) {
+ $tplVars['error'] = T_('This username is not valid (too long, forbidden characters...), please make another choice.');
// Check if e-mail address is valid
} elseif (!$userservice->isValidEmail($_POST['email'])) {
diff --git a/services/userservice.php b/services/userservice.php
index ee62dbb..e50faaa 100644
--- a/services/userservice.php
+++ b/services/userservice.php
@@ -388,6 +388,18 @@ class UserService {
return false;
}
}
+
+ function isValidUsername($username) {
+ if (strlen($username) > 24) {
+ // too long usernames are cut by database and may cause bugs when compared
+ return false;
+ } else {
+ return true;
+ }
+ return true;
+ }
+
+
function isValidEmail($email) {
if (eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$", $email)) {