From 4f1cef546e2bd1ff21ed1031c46599010ee9033a Mon Sep 17 00:00:00 2001
From: msquare <msquare@notrademark.de>
Date: Sun, 28 Apr 2019 14:34:04 +0200
Subject: better nick validation, fixes #429

---
 includes/model/User_model.php | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

(limited to 'includes/model/User_model.php')

diff --git a/includes/model/User_model.php b/includes/model/User_model.php
index d47b2915..a928d895 100644
--- a/includes/model/User_model.php
+++ b/includes/model/User_model.php
@@ -112,11 +112,20 @@ function Users_by_angeltype($angeltype)
  * Nick is trimmed.
  *
  * @param string $nick
- * @return string
+ * @return ValidationResult
  */
 function User_validate_Nick($nick)
 {
-    return preg_replace('/([^\p{L}\p{N}\-_. ]+)/ui', '', trim($nick));
+    $nick = trim($nick);
+    
+    if(strlen($nick) == 0 || strlen($nick) > 23) {
+        return new ValidationResult(false, $nick);
+    }
+    if(preg_match('/([^\p{L}\p{N}\-_. ]+)/ui', $nick)) {
+        return new ValidationResult(false, $nick);
+    }
+    
+    return new ValidationResult(true, $nick);
 }
 
 /**
-- 
cgit v1.2.3-54-g00ecf