diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2007-06-10 23:05:47 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2007-06-10 23:05:47 +0000 |
| commit | 056ab23bb65aea43aeb0918e7d7992a8987890a8 (patch) | |
| tree | 0e77d844941adb97d5881497cedf92d504509af0 | |
| parent | ef48211dc55053e1e836a394d5a5509ad64ae65b (diff) | |
| download | forums-056ab23bb65aea43aeb0918e7d7992a8987890a8.tar forums-056ab23bb65aea43aeb0918e7d7992a8987890a8.tar.gz forums-056ab23bb65aea43aeb0918e7d7992a8987890a8.tar.bz2 forums-056ab23bb65aea43aeb0918e7d7992a8987890a8.tar.xz forums-056ab23bb65aea43aeb0918e7d7992a8987890a8.zip | |
fix for #12255 - do not allow empty cleaned usernames
git-svn-id: file:///svn/phpbb/trunk@7748 89ea8834-ac86-4346-8a33-228a782c2dd0
| -rw-r--r-- | phpBB/includes/functions_user.php | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 53fb65d0f0..08ccfa030f 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -143,9 +143,16 @@ function user_add($user_row, $cp_data = false) return false; } + $username_clean = utf8_clean_string($user_row['username']); + + if (empty($username_clean)) + { + return false; + } + $sql_ary = array( 'username' => $user_row['username'], - 'username_clean' => utf8_clean_string($user_row['username']), + 'username_clean' => $username_clean, 'user_password' => (isset($user_row['user_password'])) ? $user_row['user_password'] : '', 'user_pass_convert' => 0, 'user_email' => strtolower($user_row['user_email']), @@ -1262,7 +1269,7 @@ function validate_username($username, $allowed_username = false) } // ... fast checks first. - if (strpos($username, '"') !== false || strpos($username, '"') !== false) + if (strpos($username, '"') !== false || strpos($username, '"') !== false || empty($clean_username)) { return 'INVALID_CHARS'; } |