more fixes. see the changelog for the major one.

git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@3734 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-05-05 23:25:30 +02:00 · 2003-03-27 17:18:48 +00:00 · 2003-03-27 17:18:48 +00:00 · 0c42dd05df
commit 0c42dd05df
parent adc030875e
5 changed files with 10 additions and 8 deletions
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@ -103,6 +103,7 @@ p,ul,td {font-size:10pt;}
 <li>Display correct alt-tag for smilies within postings - emoticon instead of filename</li>
 <li>Prevented the ability to apply BBCode to website contents - we will find another EasterEgg</li>
 <li>Fixed problems with very long user passwords</li>
+<li>Limited username length the strict way - duplicate username registrations should no longer occur</li>
 </ul>

 <a name="203"></a><h3 class="h3">1.ii. Changes since 2.0.3</h3>
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@ -78,12 +78,12 @@ function get_userdata($user)
 {
 	global $db;

-	$user = ( intval($user) == 0) ? str_replace("\'", "''", htmlspecialchars(trim($user))) : intval($user);
+	$user = ( is_string($user)) ? str_replace("\'", "''", htmlspecialchars(trim($user))) : intval($user);

 	$sql = "SELECT *
 		FROM " . USERS_TABLE . " 
 		WHERE ";
-	$sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" .  $user . "'" ) . " AND user_id <> " . ANONYMOUS;
+	$sql .= ( ( is_string($user) ) ? "username = '" .  $user . "'" : "user_id = $user" ) . " AND user_id <> " . ANONYMOUS;
 	if ( !($result = $db->sql_query($sql)) )
 	{
 		message_die(GENERAL_ERROR, 'Tried obtaining data for a non-existent user', '', __LINE__, __FILE__, $sql);
--- a/phpBB/includes/functions_validate.php
+++ b/phpBB/includes/functions_validate.php
@ -29,7 +29,8 @@ function validate_username($username)
 {
 	global $db, $lang, $userdata;

-	$username = str_replace("\'", "''", $username);
+	$username = substr(str_replace("\'", "'", $username), 0, 25);
+	$username = str_replace("'", "''", $username);

 	$sql = "SELECT username 
 		FROM " . USERS_TABLE . " 
--- a/phpBB/includes/usercp_register.php
+++ b/phpBB/includes/usercp_register.php
@ -466,7 +466,7 @@ if ( isset($HTTP_POST_VARS['submit']) )

 				$emailer->assign_vars(array(
 					'SITENAME' => $board_config['sitename'],
-					'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, $username),
+					'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
 					'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',

 					'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
@ -577,7 +577,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
 				$emailer->assign_vars(array(
 					'SITENAME' => $board_config['sitename'],
 					'WELCOME_MSG' => sprintf($lang['Welcome_subject'], $board_config['sitename']),
-					'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, $username),
+					'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
 					'PASSWORD' => $password_confirm,
 					'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),

@ -599,7 +599,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
 				$emailer->assign_vars(array(
 					'SITENAME' => $board_config['sitename'],
 					'WELCOME_MSG' => sprintf($lang['Welcome_subject'], $board_config['sitename']),
-					'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, $username),
+					'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
 					'PASSWORD' => $password_confirm,
 					'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),

@ -635,7 +635,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
 				$emailer->extra_headers($email_headers . "Bcc: $bcc_list\n");

 				$emailer->assign_vars(array(
-					'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, $username),
+					'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
 					'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),

 					'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
--- a/phpBB/templates/subSilver/overall_header.tpl
+++ b/phpBB/templates/subSilver/overall_header.tpl
@ -220,7 +220,7 @@ input.liteoption {
 </script>
 <!-- END switch_enable_pm_popup -->
 </head>
-<body bgcolor="{T_BODY_BGCOLOR}" text="{T_BODY_TEXT}" link="{T_BODY_LINK}" vlink="{T_BODY_VLINK}" />
+<body bgcolor="{T_BODY_BGCOLOR}" text="{T_BODY_TEXT}" link="{T_BODY_LINK}" vlink="{T_BODY_VLINK}">

 <a name="top"></a>