From 85b427c189d054603aaa5401299953820ecec432 Mon Sep 17 00:00:00 2001 From: e107steved Date: Mon, 28 May 2007 09:37:35 +0000 Subject: [PATCH] Bugtracker #3869 - make login name length configurable --- e107_files/def_e107_prefs.php | 18 ++++++----- .../shortcode/batch/signup_shortcodes.php | 10 +++--- .../batch/usersettings_shortcodes.php | 15 +++++---- e107_languages/English/admin/lan_prefs.php | 10 +++--- e107_languages/English/lan_signup.php | 8 ++--- e107_languages/English/lan_usersettings.php | 8 +++-- signup.php | 17 +++++++--- usersettings.php | 31 ++++++++++++++----- 8 files changed, 76 insertions(+), 41 deletions(-) diff --git a/e107_files/def_e107_prefs.php b/e107_files/def_e107_prefs.php index 23a68ea1c..2c8228502 100644 --- a/e107_files/def_e107_prefs.php +++ b/e107_files/def_e107_prefs.php @@ -11,9 +11,9 @@ | GNU General Public License (http://gnu.org). | | $Source: /cvs_backup/e107_0.8/e107_files/def_e107_prefs.php,v $ -| $Revision: 1.1.1.1 $ -| $Date: 2006-12-02 04:33:35 $ -| $Author: mcfly_e107 $ +| $Revision: 1.2 $ +| $Date: 2007-05-28 09:37:27 $ +| $Author: e107steved $ +----------------------------------------------------------------------------+ */ @@ -48,6 +48,14 @@ City, State, Country 'anon_post' => '0', 'user_reg' => '1', 'use_coppa' => '1', + 'membersonly_enabled' => '0', + 'signup_pass_len' => '', + 'signup_maxip' => '3', + 'signup_disallow_text' => '', + 'displayname_class' => 255, + 'displayname_maxlength' => 15, + 'loginname_maxlength' => 30, + 'profanity_filter' => '0', 'profanity_replace' => '[censored]', 'smiley_activate' => '', @@ -117,7 +125,6 @@ City, State, Country 'wysiwyg' => '0', 'old_np' => '0', 'make_clickable' => '0', - 'signup_maxip' => '3', 'track_online' => '1', 'emotepack' => 'default', 'xup_enabled' => '1', @@ -132,9 +139,6 @@ City, State, Country 'post_html' => '254', 'redirectsiteurl' => '0', 'admin_alerts_uniquemenu' => '0', - 'membersonly_enabled' => '0', - 'signup_pass_len' => '', - 'signup_disallow_text' => '', 'signup_text_after' => '', 'null' => '', 'links_new_window' => '1', diff --git a/e107_files/shortcode/batch/signup_shortcodes.php b/e107_files/shortcode/batch/signup_shortcodes.php index 8276cad42..8266b1a95 100755 --- a/e107_files/shortcode/batch/signup_shortcodes.php +++ b/e107_files/shortcode/batch/signup_shortcodes.php @@ -11,8 +11,8 @@ | GNU General Public License (http://gnu.org). | | $Source: /cvs_backup/e107_0.8/e107_files/shortcode/batch/signup_shortcodes.php,v $ -| $Revision: 1.4 $ -| $Date: 2007-01-07 15:59:42 $ +| $Revision: 1.5 $ +| $Date: 2007-05-28 09:37:27 $ | $Author: e107steved $ +----------------------------------------------------------------------------+ */ @@ -81,14 +81,16 @@ SC_BEGIN SIGNUP_DISPLAYNAME global $pref, $rs; if (check_class($pref['displayname_class'])) { - return $rs->form_text("name", 30, ($_POST['name'] ? $_POST['name'] : $name), 30); + $dis_name_len = varset($pref['displayname_maxlength'],15); + return $rs->form_text("name", $dis_name_len+5, ($_POST['name'] ? $_POST['name'] : $name), $dis_name_len); } SC_END SC_BEGIN SIGNUP_LOGINNAME global $rs; -return $rs->form_text("loginname", 30, ($_POST['loginname'] ? $_POST['loginname'] : $loginname), 30); +$log_name_length = varset($pref['loginname_maxlength'],30); +return $rs->form_text("loginname", $log_name_length+5, ($_POST['loginname'] ? $_POST['loginname'] : $loginname), $log_name_length); SC_END SC_BEGIN SIGNUP_REALNAME diff --git a/e107_files/shortcode/batch/usersettings_shortcodes.php b/e107_files/shortcode/batch/usersettings_shortcodes.php index 84d794642..190b8d125 100755 --- a/e107_files/shortcode/batch/usersettings_shortcodes.php +++ b/e107_files/shortcode/batch/usersettings_shortcodes.php @@ -11,9 +11,9 @@ | GNU General Public License (http://gnu.org). | | $Source: /cvs_backup/e107_0.8/e107_files/shortcode/batch/usersettings_shortcodes.php,v $ -| $Revision: 1.3 $ -| $Date: 2007-01-16 13:55:37 $ -| $Author: mcfly_e107 $ +| $Revision: 1.4 $ +| $Date: 2007-05-28 09:37:27 $ +| $Author: e107steved $ +----------------------------------------------------------------------------+ */ if (!defined('e107_INIT')) { exit; } @@ -22,9 +22,11 @@ $usersettings_shortcodes = $tp -> e_sc -> parse_scbatch(__FILE__); /* SC_BEGIN USERNAME global $rs, $curVal, $pref; +// This is the 'display name' if (check_class($pref['displayname_class'])) { - return $rs->form_text("username", 20, $curVal['user_name'], $pref['displayname_maxlength'], "tbox"); + $dis_name_len = varset($pref['displayname_maxlength'],15); + return $rs->form_text("username", $dis_name_len, $curVal['user_name'], $dis_name_len, "tbox"); } else { @@ -36,7 +38,8 @@ SC_BEGIN LOGINNAME global $rs, $curVal; if (ADMIN && getperms("4")) { - return $rs->form_text("loginname", 20, $curVal['user_loginname'], 100, "tbox"); + $log_name_length = varset($pref['loginname_maxlength'],30); + return $rs->form_text("loginname", $log_name_length, $curVal['user_loginname'], $log_name_length, "tbox"); } else { @@ -180,7 +183,7 @@ SC_END SC_BEGIN AVATAR_CHOOSE $ret = " - +
"; $avatarlist[0] = ""; $handle = opendir(e_IMAGE."avatars/"); diff --git a/e107_languages/English/admin/lan_prefs.php b/e107_languages/English/admin/lan_prefs.php index 893eaa6b8..73b41c8a3 100644 --- a/e107_languages/English/admin/lan_prefs.php +++ b/e107_languages/English/admin/lan_prefs.php @@ -12,9 +12,9 @@ | GNU General Public License (http://gnu.org). | | $Source: /cvs_backup/e107_0.8/e107_languages/English/admin/lan_prefs.php,v $ -| $Revision: 1.3 $ -| $Date: 2007-04-12 23:04:51 $ -| $Author: e107coders $ +| $Revision: 1.4 $ +| $Date: 2007-05-28 09:37:35 $ +| $Author: e107steved $ +----------------------------------------------------------------------------+ */ @@ -166,7 +166,7 @@ define("PRFLAN_154", "New user verification method
If 'Admin Approval' is define("PRFLAN_155", "Display Name available to"); define("PRFLAN_156", "Reset ALL Display Names"); define("PRFLAN_157", "All Display Names have been reset to the Username"); -define("PRFLAN_158", "Display Name maximum length"); +define("PRFLAN_158", "Display Name maximum length (5..30)"); define("PRFLAN_159", "viewing this page with"); define("PRFLAN_160", "Check remote servers when validating email addresses."); @@ -185,6 +185,6 @@ define("PRFLAN_169", "If the chosen group contains more than one person, the use define("PRFLAN_170", "Use reverse DNS to allow host banning"); define("PRFLAN_171", "Turning this option on will allow you to ban users by hostname, rather then just IP or email address.
NOTE: This may affect pageload times on some hosts"); - +define("PRFLAN_172", "Login Name maximum length (10..100)"); ?> \ No newline at end of file diff --git a/e107_languages/English/lan_signup.php b/e107_languages/English/lan_signup.php index 9de3cd63a..5ed2b9728 100644 --- a/e107_languages/English/lan_signup.php +++ b/e107_languages/English/lan_signup.php @@ -4,9 +4,9 @@ | e107 website system - Language File. | | $Source: /cvs_backup/e107_0.8/e107_languages/English/lan_signup.php,v $ -| $Revision: 1.6 $ -| $Date: 2007-04-12 22:43:38 $ -| $Author: e107coders $ +| $Revision: 1.7 $ +| $Date: 2007-05-28 09:37:35 $ +| $Author: e107steved $ +----------------------------------------------------------------------------+ */ define("PAGE_NAME", "Register"); @@ -117,7 +117,7 @@ define("LAN_SIGNUP_53", "field failed validation test"); define("LAN_SIGNUP_54", "Click here to fill in your details to register"); define("LAN_SIGNUP_55", "That display name is too long. Please choose another"); define("LAN_SIGNUP_56", "That display name is too short. Please choose another"); - +define("LAN_SIGNUP_57", "That login name is too long. Please choose another"); ?> diff --git a/e107_languages/English/lan_usersettings.php b/e107_languages/English/lan_usersettings.php index 97b03381e..2b70d40a9 100644 --- a/e107_languages/English/lan_usersettings.php +++ b/e107_languages/English/lan_usersettings.php @@ -4,9 +4,9 @@ | e107 website system - Language File. | | $Source: /cvs_backup/e107_0.8/e107_languages/English/lan_usersettings.php,v $ -| $Revision: 1.5 $ -| $Date: 2007-04-12 23:04:51 $ -| $Author: e107coders $ +| $Revision: 1.6 $ +| $Date: 2007-05-28 09:37:35 $ +| $Author: e107steved $ +----------------------------------------------------------------------------+ */ define("PAGE_NAME", "User Settings"); @@ -108,5 +108,7 @@ define("LAN_USET_10","Please update your settings now, in order to proceed."); define("LAN_USET_11", "That user name cannot be accepted as valid, please choose a different user name"); define("LAN_USET_12", "That display name is too short. Please choose another"); define("LAN_USET_13", "Invalid characters in Username. Please choose another"); +define("LAN_USET_14", "Login name too long. Please choose another"); +define("LAN_USET_15", "Display name too long. Please choose another"); ?> \ No newline at end of file diff --git a/signup.php b/signup.php index deae937a2..3e42a5cb3 100644 --- a/signup.php +++ b/signup.php @@ -11,8 +11,8 @@ | GNU General Public License (http://gnu.org). | | $Source: /cvs_backup/e107_0.8/signup.php,v $ -| $Revision: 1.8 $ -| $Date: 2007-04-27 19:30:23 $ +| $Revision: 1.9 $ +| $Date: 2007-05-28 09:37:27 $ | $Author: e107steved $ +----------------------------------------------------------------------------+ */ @@ -421,18 +421,25 @@ global $db_debug; } // Check if form maxlength has been bypassed - if ( strlen($_POST['name']) > 30 || strlen($_POST['loginname']) > 30) + if ( strlen($_POST['name']) > 30 || strlen($_POST['loginname']) > 100) { - exit; + exit; } // Check if display name exceeds maximum allowed length - if (isset($pref['displayname_maxlength']) && (strlen($_POST['name']) > $pref['displayname_maxlength'])) + if (strlen($_POST['name']) > varset($pref['displayname_maxlength'],15)) { $error_message .= LAN_SIGNUP_55."\\n"; $error = TRUE; } + // Check if login name exceeds maximum allowed length + if (strlen($_POST['loginname']) > varset($pref['loginname_maxlength'],30)) + { + $error_message .= LAN_SIGNUP_57."\\n"; + $error = TRUE; + } + // Display Name exists. if ($sql->db_Select("user", "*", "user_name='".$tp -> toDB($_POST['name'])."'")) { diff --git a/usersettings.php b/usersettings.php index 993d7c56b..c3f131919 100644 --- a/usersettings.php +++ b/usersettings.php @@ -11,8 +11,8 @@ | GNU General Public License (http://gnu.org). | | $Source: /cvs_backup/e107_0.8/usersettings.php,v $ -| $Revision: 1.7 $ -| $Date: 2007-02-16 20:36:05 $ +| $Revision: 1.8 $ +| $Date: 2007-05-28 09:37:27 $ | $Author: e107steved $ +----------------------------------------------------------------------------+ */ @@ -137,6 +137,8 @@ if (isset($_POST['updatesettings'])) } } + +// Login Name checks if (isset($_POST['loginname'])) { // Only check if its been edited $temp_name = trim(preg_replace('/ |\#|\=|\$/', "", strip_tags($_POST['loginname']))); @@ -144,11 +146,16 @@ if (isset($_POST['updatesettings'])) { $error .= LAN_USET_13."\\n"; } + // Check if login name exceeds maximum allowed length + if (strlen($temp_name) > varset($pref['loginname_maxlength'],30)) + { + $error .= LAN_USET_14."\\n"; + } $_POST['loginname'] = $temp_name; } - // ==================================================================== +// Password checks $pwreset = ""; if ($_POST['password1'] != $_POST['password2']) { $error .= LAN_105."\\n"; @@ -192,13 +199,23 @@ if (isset($_POST['updatesettings'])) $error .= LAN_408."\\n"; } - // Impose a minimum length on display name - $username = trim(strip_tags($_POST['username'])); - if (isset($_POST['username']) && strlen($username) < 2) + +// Display name checks + if (isset($_POST['username'])) { - $error .= LAN_USET_12."\\n"; + // Impose a minimum length on display name + $username = trim(strip_tags($_POST['username'])); + if (strlen($username) < 2) + { + $error .= LAN_USET_12."\\n"; + } + if (strlen($username) > varset($pref['displayname_maxlength'],15)) + { + $error .= LAN_USET_15."\\n"; + } } + $user_sess = ""; if ($file_userfile['error'] != 4) {