From 4f1cef546e2bd1ff21ed1031c46599010ee9033a Mon Sep 17 00:00:00 2001 From: msquare Date: Sun, 28 Apr 2019 14:34:04 +0200 Subject: better nick validation, fixes #429 --- includes/pages/admin_user.php | 5 ++++- includes/pages/guest_login.php | 25 +++++++++++++++---------- 2 files changed, 19 insertions(+), 11 deletions(-) (limited to 'includes/pages') diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php index a193aff7..e59c5baa 100644 --- a/includes/pages/admin_user.php +++ b/includes/pages/admin_user.php @@ -261,7 +261,10 @@ function admin_user() if ($user_source->settings->email_human) { $user_source->email = $request->postData('eemail'); } - $user_source->name = User_validate_Nick($request->postData('eNick')); + $nickValidation = User_validate_Nick($request->postData('eNick')); + if($nickValidation->isValid()) { + $user_source->name = $nickValidation->getValue(); + } $user_source->save(); $user_source->personalData->first_name = $request->postData('eVorname'); $user_source->personalData->last_name = $request->postData('eName'); diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php index 7b6eb9c1..a0aa92a5 100644 --- a/includes/pages/guest_login.php +++ b/includes/pages/guest_login.php @@ -83,18 +83,21 @@ function guest_register() if ($request->hasPostData('submit')) { $valid = true; - if ($request->has('nick') && strlen(User_validate_Nick($request->input('nick'))) > 1) { - $nick = User_validate_Nick($request->input('nick')); + if ($request->has('nick')) { + $nickValidation = User_validate_Nick($request->input('nick')); + $nick = $nickValidation->getValue(); + + if(!$nickValidation->isValid()) { + $valid = false; + $msg .= error(sprintf(__('Please enter a valid nick.') . ' ' . __('Use up to 23 letters, numbers, connecting punctuations or spaces for your nickname.'), $nick), true); + } if (User::whereName($nick)->count() > 0) { $valid = false; $msg .= error(sprintf(__('Your nick "%s" already exists.'), $nick), true); } } else { $valid = false; - $msg .= error(sprintf( - __('Your nick "%s" is too short (min. 2 characters).'), - User_validate_Nick($request->input('nick')) - ), true); + $msg .= error(__('Please enter a nickname.'), true); } if ($request->has('mail') && strlen(strip_request_item('mail')) > 0) { @@ -283,7 +286,8 @@ function guest_register() div('col-md-6', [ div('row', [ div('col-sm-4', [ - form_text('nick', __('Nick') . ' ' . entry_required(), $nick) + form_text('nick', __('Nick') . ' ' . entry_required(), $nick), + form_info('', __('Use up to 23 letters, numbers, connecting punctuations or spaces for your nickname.')) ]), div('col-sm-8', [ form_email('mail', __('E-Mail') . ' ' . entry_required(), $mail), @@ -395,9 +399,10 @@ function guest_login() $session->remove('uid'); if ($request->hasPostData('submit')) { - if ($request->has('nick') && strlen(User_validate_Nick($request->input('nick'))) > 0) { - $nick = User_validate_Nick($request->input('nick')); - $login_user = User::whereName($nick)->first(); + if ($request->has('nick') && !empty($request->input('nick'))) { + $nickValidation = User_validate_Nick($request->input('nick')); + $nick = $nickValidation->getValue(); + $login_user = User::whereName($nickValidation->getValue())->first(); if ($login_user) { if ($request->has('password')) { if (!verify_password($request->postData('password'), $login_user->password, $login_user->id)) { -- cgit v1.2.3-70-g09d2