mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-06 22:45:02 +02:00
Code Issues Releases Wiki Activity

Wasn't checking for wildcards in disallowed usernames during validation ... how we missed this for months is beyond me ... thanks to the anonymous bug track adder ...

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@2391 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2002-03-21 14:29:42 +00:00
parent 1ed2ed3072
commit 8aaf250314
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
phpBB/includes/functions_validate.php
View File

@ -58,15 +58,17 @@ function validate_username($username)
} }
$sql = "SELECT disallow_username $sql = "SELECT disallow_username
FROM " . DISALLOW_TABLE . " FROM " . DISALLOW_TABLE;
WHERE disallow_username LIKE '$username'";
if ( $result = $db->sql_query($sql) ) if ( $result = $db->sql_query($sql) )
{ {
if ( $db->sql_fetchrow($result) ) while( $row = $db->sql_fetchrow($result) )
{
if ( preg_match("#\b(" . str_replace("\*", "\w*?", preg_quote($row['disallow_username'])) . ")\b#i", $username) )
{ {
return array('error' => true, 'error_msg' => $lang['Username_disallowed']); return array('error' => true, 'error_msg' => $lang['Username_disallowed']);
} }
} }
}
$sql = "SELECT word $sql = "SELECT word
FROM " . WORDS_TABLE; FROM " . WORDS_TABLE;