diff options
Diffstat (limited to 'phpBB/includes/functions_user.php')
-rw-r--r-- | phpBB/includes/functions_user.php | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index d335c32cd5..bbd2d070cb 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -1184,6 +1184,12 @@ function validate_username($username, $allowed_username = false) return false; } + // ... fast checks first. + if (strpos($username, '"') !== false || strpos($username, '"') !== false) + { + return 'INVALID_CHARS'; + } + $mbstring = $pcre = false; // generic UTF-8 character types supported? @@ -1247,6 +1253,7 @@ function validate_username($username, $allowed_username = false) break; case 'USERNAME_ASCII': + default: $pcre = true; $regex = '[\x01-\x7F]+'; break; @@ -1269,11 +1276,6 @@ function validate_username($username, $allowed_username = false) } } - if (strpos($username, '"') !== false || strpos($username, '"') !== false) - { - return 'INVALID_CHARS'; - } - $sql = 'SELECT username FROM ' . USERS_TABLE . " WHERE username_clean = '" . $db->sql_escape($clean_username) . "'"; |