diff options
author | Philip Häusler <msquare@notrademark.de> | 2013-12-27 19:45:50 +0100 |
---|---|---|
committer | Philip Häusler <msquare@notrademark.de> | 2013-12-27 19:45:50 +0100 |
commit | 9da2ff6f9f8a422b17b45e4ec2eb4cd26c5669e9 (patch) | |
tree | adc61a0095addf05f480bc54f006c6a72dc6e684 /includes/model/User_model.php | |
parent | 9d709b2a7349fc5b2ad9d84ddc36c505cccafed1 (diff) |
#137 fixed xss on login
Diffstat (limited to 'includes/model/User_model.php')
-rw-r--r-- | includes/model/User_model.php | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/includes/model/User_model.php b/includes/model/User_model.php index 523685df..a69c288c 100644 --- a/includes/model/User_model.php +++ b/includes/model/User_model.php @@ -1,6 +1,14 @@ <?php /** + * Strip unwanted characters from a users nick. + * @param string $nick + */ +function User_validate_Nick($nick) { + return preg_replace("/([^a-z0-9üöäß. _+*-]{1,})/ui", '', $nick); +} + +/** * Returns user by id. * * @param $id UID |