mirror of
https://github.com/phpbb/phpbb.git
synced 2025-03-14 04:30:29 +01:00
Merge branch 'ticket/security/254' into prep-release-3.3.5
This commit is contained in:
commit
5b3d238804
@ -1752,7 +1752,8 @@ function validate_username($username, $allowed_username = false, $allow_all_name
|
||||
}
|
||||
|
||||
// ... fast checks first.
|
||||
if (strpos($username, '"') !== false || strpos($username, '"') !== false || empty($clean_username))
|
||||
if (strpos($username, '"') !== false || strpos($username, '"') !== false || empty($clean_username)
|
||||
|| preg_match('/[\x{180E}\x{2005}-\x{200D}\x{202F}\x{205F}\x{2060}\x{FEFF}]/u', $username))
|
||||
{
|
||||
return 'INVALID_CHARS';
|
||||
}
|
||||
|
@ -51,6 +51,7 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case
|
||||
'barfoo_disallow' => array('USERNAME_DISALLOWED'),
|
||||
'admin_taken' => array('USERNAME_TAKEN'),
|
||||
'group_taken' => array('USERNAME_TAKEN'),
|
||||
'a d m i n i strator' => array('INVALID_CHARS'),
|
||||
)),
|
||||
array('USERNAME_ALPHA_ONLY', array(
|
||||
'foobar_allow' => array(),
|
||||
@ -65,6 +66,7 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case
|
||||
'barfoo_disallow' => array('USERNAME_DISALLOWED'),
|
||||
'admin_taken' => array('USERNAME_TAKEN'),
|
||||
'group_taken' => array('INVALID_CHARS'),
|
||||
'a d m i n i strator' => array('INVALID_CHARS'),
|
||||
)),
|
||||
array('USERNAME_ALPHA_SPACERS', array(
|
||||
'foobar_allow' => array(),
|
||||
@ -79,6 +81,7 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case
|
||||
'barfoo_disallow' => array('USERNAME_DISALLOWED'),
|
||||
'admin_taken' => array('USERNAME_TAKEN'),
|
||||
'group_taken' => array('USERNAME_TAKEN'),
|
||||
'a d m i n i strator' => array('INVALID_CHARS'),
|
||||
)),
|
||||
array('USERNAME_LETTER_NUM', array(
|
||||
'foobar_allow' => array(),
|
||||
@ -93,6 +96,7 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case
|
||||
'barfoo_disallow' => array('USERNAME_DISALLOWED'),
|
||||
'admin_taken' => array('USERNAME_TAKEN'),
|
||||
'group_taken' => array('INVALID_CHARS'),
|
||||
'a d m i n i strator' => array('INVALID_CHARS'),
|
||||
)),
|
||||
array('USERNAME_LETTER_NUM_SPACERS', array(
|
||||
'foobar_allow' => array(),
|
||||
@ -107,6 +111,7 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case
|
||||
'barfoo_disallow' => array('USERNAME_DISALLOWED'),
|
||||
'admin_taken' => array('USERNAME_TAKEN'),
|
||||
'group_taken' => array('USERNAME_TAKEN'),
|
||||
'a d m i n i strator' => array('INVALID_CHARS'),
|
||||
)),
|
||||
array('USERNAME_ASCII', array(
|
||||
'foobar_allow' => array(),
|
||||
@ -121,6 +126,7 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case
|
||||
'barfoo_disallow' => array('USERNAME_DISALLOWED'),
|
||||
'admin_taken' => array('USERNAME_TAKEN'),
|
||||
'group_taken' => array('USERNAME_TAKEN'),
|
||||
'a d m i n i strator' => array('INVALID_CHARS'),
|
||||
)),
|
||||
);
|
||||
}
|
||||
@ -201,6 +207,11 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case
|
||||
'foobar_group',
|
||||
array('username'),
|
||||
),
|
||||
'a d m i n i strator' => array(
|
||||
$expected['a d m i n i strator'],
|
||||
'a d m i n i strator',
|
||||
array('username'),
|
||||
),
|
||||
));
|
||||
}
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user