author | Matt Friedman <maf675@gmail.com> | 2016-02-29 11:41:47 -0800 |
---|---|---|
committer | Matt Friedman <maf675@gmail.com> | 2016-02-29 11:41:47 -0800 |
commit | d373428180e884f03a830aa69fe8ff2cd6a5140a (patch) | |
tree | e364729640cad537417088efc5147155c7a66aa2 /phpBB/phpbb/console | |
parent | 6fe084a2fd967c188bdca827a46647120a5ea58d (diff) | |
[ticket/12684] Add input validation
PHPBB3-12684
Diffstat (limited to 'phpBB/phpbb/console')
-rw-r--r-- | phpBB/phpbb/console/command/user/add.php | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/phpBB/phpbb/console/command/user/add.php b/phpBB/phpbb/console/command/user/add.php
index f3b52349b7..db06037947 100644
--- a/phpBB/phpbb/console/command/user/add.php
+++ b/phpBB/phpbb/console/command/user/add.php
@@ -123,6 +123,22 @@ class add extends \phpbb\console\command\command
 );
 }
+ $data = array(
+ 'username' => $username,
+ 'new_password' => $password,
+ 'email' => $email,
+ );
+
+ try
+ {
+ $this->validate_user_data($data);
+ }
+ catch (runtime_exception $e)
+ {
+ $io->error($e->getMessage());
+ return 1;
+ }
+
 try
 {
 $group_id = $this->get_group_id();
@@ -191,6 +207,38 @@ class add extends \phpbb\console\command\command
 }
 /**
+ * Validate the submitted user data
+ *
+ * @param array $data The user data array
+ * @throws runtime_exception if any data fails validation
+ * @return null
+ */
+ protected function validate_user_data($data)
+ {
+ if (!function_exists('validate_data'))
+ {
+ require($this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext);
+ }
+
+ $error = validate_data($data, array(
+ 'username' => array(
+ array('string', false, $this->config['min_name_chars'], $this->config['max_name_chars']),
+ array('username', '')),
+ 'new_password' => array(
+ array('string', false, $this->config['min_pass_chars'], $this->config['max_pass_chars']),
+ array('password')),
+ 'email' => array(
+ array('string', false, 6, 60),
+ array('user_email')),
+ ));
+
+ if ($error)
+ {
+ throw new runtime_exception(implode("\n", array_map(array($this->user, 'lang'), $error)));
+ }
+ }
+
+ /**
 * Get the group id
 *
 * Go and find in the database the group_id corresponding to 'REGISTERED' |
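Review bot: `catch (runtime_exception $e)` uses the unqualified class name, and this commit adds no `use` line: the 16 and 32 added lines of the two hunks account for all 48 insertions in the diffstat. Unless `add.php` already imports that exception class, the name resolves inside the command's own namespace, so this catch would never match and the `throw new runtime_exception(...)` in the second hunk would fail with a class-not-found error instead of printing the validation message. The import is not visible here, and the enclosing method starts and ends outside the hunk, so please confirm the import exists or add it with this change.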
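Review bot: The e-mail bounds in `array('string', false, 6, 60)` are bare literals, while the username and password bounds beside them are read from `$this->config`. A one-line comment such as `// E-mail length limits are fixed (6-60 characters), unlike the configurable name/password limits`, or two class constants, would show that the difference is deliberate. The docblock says `@return null`, but the method has no return statement, so `@return void` describes it more accurately. The method also reads `$this->phpbb_root_path`, `$this->php_ext` and `$this->config`, none of which are set in the visible hunks, so confirm the constructor already provides them.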