From 0c42dd05df091386f7c05e1e8bcd2baaf0f47497 Mon Sep 17 00:00:00 2001
From: Meik Sievertsen
Date: Thu, 27 Mar 2003 17:18:48 +0000
Subject: [PATCH] more fixes. see the changelog for the major one.
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@3734 89ea8834-ac86-4346-8a33-228a782c2dd0
---
phpBB/docs/CHANGELOG.html | 1 +
phpBB/includes/functions.php | 4 ++--
phpBB/includes/functions_validate.php | 3 ++-
phpBB/includes/usercp_register.php | 8 ++++----
phpBB/templates/subSilver/overall_header.tpl | 2 +-
5 files changed, 10 insertions(+), 8 deletions(-)
diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html
index 944abe9332..c2dea36d25 100644
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@@ -103,6 +103,7 @@ p,ul,td {font-size:10pt;}
  • Display correct alt-tag for smilies within postings - emoticon instead of filename
  • Prevented the ability to apply BBCode to website contents - we will find another EasterEgg
  • Fixed problems with very long user passwords
  • +
  • Limited username length the strict way - duplicate username registrations should no longer occur
  • 1.ii. Changes since 2.0.3

    diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index ee157de709..6ceea44167 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -78,12 +78,12 @@ function get_userdata($user) { global $db; - $user = ( intval($user) == 0) ? str_replace("\'", "''", htmlspecialchars(trim($user))) : intval($user); + $user = ( is_string($user)) ? str_replace("\'", "''", htmlspecialchars(trim($user))) : intval($user); $sql = "SELECT * FROM " . USERS_TABLE . " WHERE "; - $sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" . $user . "'" ) . " AND user_id <> " . ANONYMOUS; + $sql .= ( ( is_string($user) ) ? "username = '" . $user . "'" : "user_id = $user" ) . " AND user_id <> " . ANONYMOUS; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Tried obtaining data for a non-existent user', '', __LINE__, __FILE__, $sql); diff --git a/phpBB/includes/functions_validate.php b/phpBB/includes/functions_validate.php index 327ac47170..2e97a36baa 100644 --- a/phpBB/includes/functions_validate.php +++ b/phpBB/includes/functions_validate.php @@ -29,7 +29,8 @@ function validate_username($username) { global $db, $lang, $userdata; - $username = str_replace("\'", "''", $username); + $username = substr(str_replace("\'", "'", $username), 0, 25); + $username = str_replace("'", "''", $username); $sql = "SELECT username FROM " . USERS_TABLE . " diff --git a/phpBB/includes/usercp_register.php b/phpBB/includes/usercp_register.php index 096bdd539d..f2049f1ac4 100644 --- a/phpBB/includes/usercp_register.php +++ b/phpBB/includes/usercp_register.php 
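Review bot: In the new `$user` assignment of get_userdata() the string branch still escapes with `str_replace("\'", "''", ...)`, which rewrites only a backslash-quote pair; a bare `'` arriving from a source that was not slashed would reach `username = '...'` unescaped, and `htmlspecialchars()` without `ENT_QUOTES` does not encode it either. The same commit makes validate_username() unslash first and then double every quote, and this line should follow that pattern: `$user = ( is_string($user) ) ? str_replace("'", "''", str_replace("\'", "'", htmlspecialchars(trim($user)))) : intval($user);`. Separately, because the branch is now chosen by `is_string()`, a numeric id taken directly from request data (which is a string) is looked up as a username, so callers have to `intval()` ids before the call; those callers are not visible here. The function body continues past the end of the hunk.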
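Review bot: The limit `25` in the new `substr()` call of validate_username() is a bare literal that this commit repeats in four `'USERNAME'` entries in usercp_register.php, with nothing tying it to the width of the username column it presumably mirrors. A named constant, for example `define('USERNAME_MAX_LENGTH', 25);` (the name is only a suggestion), used as `substr(str_replace("\'", "'", $username), 0, USERNAME_MAX_LENGTH)`, keeps the five sites in step if the column ever changes. Only this function's local copy of `$username` is shortened, and only `\'` is unslashed before the length is measured, so the duplicate check holds only if the code that stores the name cuts it the same way; that code is outside the hunk. A comment such as `// Compare the name as the database will store it: unslash, cut to column width, then escape for SQL` would record why the two steps are in this order.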
@@ -466,7 +466,7 @@ if ( isset($HTTP_POST_VARS['submit']) ) $emailer->assign_vars(array( 'SITENAME' => $board_config['sitename'], - 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, $username), + 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)), 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('
    ', "\n", "-- \n" . $board_config['board_email_sig']) : '', 'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey) @@ -577,7 +577,7 @@ if ( isset($HTTP_POST_VARS['submit']) ) $emailer->assign_vars(array( 'SITENAME' => $board_config['sitename'], 'WELCOME_MSG' => sprintf($lang['Welcome_subject'], $board_config['sitename']), - 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, $username), + 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)), 'PASSWORD' => $password_confirm, 'EMAIL_SIG' => str_replace('
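Review bot: In the `'USERNAME'` entry the 25-byte `substr()` runs before the `$unhtml_specialchars_match` replacement, so if `$username` is still HTML-escaped at this point (which that replacement suggests) the cut can fall inside an entity and leave a fragment such as `&am` in the e-mail text. The same expression is repeated in the three later assign_vars() hunks of this file. Computing the value once, e.g. `$mail_username = substr(str_replace("\'", "'", $username), 0, 25);` next to the place where `$username` is validated, would leave a single spot to handle that case and to keep the e-mailed name identical to the stored one. The enclosing `if ( isset($HTTP_POST_VARS['submit']) )` block starts and ends outside these hunks.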
    ', "\n", "-- \n" . $board_config['board_email_sig']), @@ -599,7 +599,7 @@ if ( isset($HTTP_POST_VARS['submit']) ) $emailer->assign_vars(array( 'SITENAME' => $board_config['sitename'], 'WELCOME_MSG' => sprintf($lang['Welcome_subject'], $board_config['sitename']), - 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, $username), + 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)), 'PASSWORD' => $password_confirm, 'EMAIL_SIG' => str_replace('
    ', "\n", "-- \n" . $board_config['board_email_sig']), @@ -635,7 +635,7 @@ if ( isset($HTTP_POST_VARS['submit']) ) $emailer->extra_headers($email_headers . "Bcc: $bcc_list\n"); $emailer->assign_vars(array( - 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, $username), + 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)), 'EMAIL_SIG' => str_replace('
    ', "\n", "-- \n" . $board_config['board_email_sig']), 'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey) diff --git a/phpBB/templates/subSilver/overall_header.tpl b/phpBB/templates/subSilver/overall_header.tpl index c62256f52e..f7ebfb2775 100644 --- a/phpBB/templates/subSilver/overall_header.tpl +++ b/phpBB/templates/subSilver/overall_header.tpl @@ -220,7 +220,7 @@ input.liteoption { - +