diff options
| author | Paul S. Owen <psotfx@users.sourceforge.net> | 2002-01-27 03:10:40 +0000 |
|---|---|---|
| committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2002-01-27 03:10:40 +0000 |
| commit | 57fdecdc0e7ca0751ac28fd4c34723033383bb14 (patch) | |
| tree | 7fd584e22618ece0dd302a6367058fea6ee85f5a /phpBB/includes/functions.php | |
| parent | 617008810f4240b490f5acbbfebb863e9292dcfa (diff) | |
| download | forums-57fdecdc0e7ca0751ac28fd4c34723033383bb14.tar forums-57fdecdc0e7ca0751ac28fd4c34723033383bb14.tar.gz forums-57fdecdc0e7ca0751ac28fd4c34723033383bb14.tar.bz2 forums-57fdecdc0e7ca0751ac28fd4c34723033383bb14.tar.xz forums-57fdecdc0e7ca0751ac28fd4c34723033383bb14.zip | |
Fix various bugs; password length warning, proper warnings for username/email errors
git-svn-id: file:///svn/phpbb/trunk@1965 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/functions.php')
| -rw-r--r-- | phpBB/includes/functions.php | 92 |
1 files changed, 30 insertions, 62 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 52b153ce5b..09466e0a4f 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -191,7 +191,7 @@ function make_jumpbox($match_forum_id = 0) if( isset($SID) ) { -// $boxstring .= '<input type="hidden" name="sid" value="' . $SID . '" />'; + $boxstring .= '<input type="hidden" name="sid" value="' . $SID . '" />'; } return($boxstring); @@ -304,7 +304,6 @@ function init_userprefs($userdata) $new_value = str_replace("_lang", "_" . $board_config['default_lang'], $value); $images[$key] = ( file_exists($new_value) ) ? $new_value : str_replace("_lang", "_english", $value); -// list($images_width[$key], $images_height[$key]) = getimagesize($images[$key]); } } @@ -498,73 +497,42 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add // function validate_username($username) { - global $db; - - switch(SQL_LAYER) + global $db, $lang; + + $sql = "SELECT u.username, g.group_name + FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug + WHERE ug.user_id = u.user_id + AND g.group_id = ug.group_id + AND ( LOWER(u.username) = '" . strtolower(str_replace("\'", "''", $username)) . "' + OR LOWER(g.group_name) = '" . strtolower(str_replace("\'", "''", $username)) . "' )"; + if ( $result = $db->sql_query($sql) ) { - case 'mysql': - case 'mysql4': - $sql_users = "SELECT u.username, g.group_name - FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug - WHERE ug.user_id = u.user_id - AND g.group_id = ug.group_id - AND ( LOWER(u.username) = '" . strtolower(str_replace("\'", "''", $username)) . "' - OR LOWER(g.group_name) = '" . strtolower(str_replace("\'", "''", $username)) . "' )"; - $sql_disallow = "SELECT disallow_username - FROM " . DISALLOW_TABLE . " - WHERE '" . str_replace("\'", "''", $username) . "' LIKE disallow_username"; - if($result = $db->sql_query($sql_users)) - { - if($db->sql_numrows($result) > 0) - { - return(FALSE); - } - } - if($result = $db->sql_query($sql_disallow)) - { - if($db->sql_numrows($result) > 0) - { - return(FALSE); - } - } - break; + if ( $db->sql_fetchrow($result) ) + { + return array('error' => $lang['Username_taken']); + } + } - default: - $sql = "SELECT u.username, g.group_name - FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug - WHERE ug.user_id = u.user_id - AND g.group_id = ug.group_id - AND ( LOWER(u.username) = '" . strtolower(str_replace("\'", "''", $username)) . "' - OR LOWER(g.group_name) = '" . strtolower(str_replace("\'", "''", $username)) . "' ) - UNION - SELECT disallow_username, NULL - FROM " . DISALLOW_TABLE . " - WHERE '" . str_replace("\'", "''", $username) . "' LIKE disallow_username"; - if($result = $db->sql_query($sql)) - { - if($db->sql_numrows($result) > 0) - { - return(FALSE); - } - } - break; + $sql = "SELECT disallow_username + FROM " . DISALLOW_TABLE . " + WHERE '" . str_replace("\'", "''", $username) . "' LIKE disallow_username"; + if ( $result = $db->sql_query($sql) ) + { + if ( $db->sql_fetchrow($result) ) + { + return array('error' => $lang['Username_disallowed']); + } } $sql = "SELECT word FROM " . WORDS_TABLE; - if( !$words_result = $db->sql_query($sql) ) + if ( $result = $db->sql_query($sql) ) { - message_die(GENERAL_ERROR, "Couldn't get censored words from database.", "", __LINE__, __FILE__, $sql); - } - else - { - $word_list = $db->sql_fetchrowset($words_result); - - for($i = 0; $i < count($word_list); $i++) + while( $row = $db->sql_fetchrow($result) ) { - if( preg_match("/\b(" . str_replace("\*", "\w*?", preg_quote($word_list[$i]['word'])) . ")\b/i", $username) ) + if( preg_match("/\b(" . str_replace("\*", "\w*?", preg_quote($row['word'])) . ")\b/i", $username) ) { - return(FALSE); + return array('error' => $lang['Username_disallowed']); } } } @@ -572,10 +540,10 @@ function validate_username($username) // Don't allow " in username. if ( strstr($username, '"') ) { - return FALSE; + return array('error' => $lang['Username_invalid']); } - return(TRUE); + return array('error' => ''); } |