From dc80ffdb40472fa9344765162c9d21d57f270de0 Mon Sep 17 00:00:00 2001
From: 3D-I <marktravai@gmail.com>
Date: Sun, 31 Mar 2019 07:08:20 +0200
Subject: [ticket/16004] Add check-in for Emojis in Username

PHPBB3-16004
---
 phpBB/includes/functions_user.php | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'phpBB/includes/functions_user.php')

diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index d019b867fa..5789981429 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -1760,6 +1760,13 @@ function validate_username($username, $allowed_username = false)
 		return 'USERNAME_TAKEN';
 	}
 
+	// Check for out-of-bounds characters that are currently
+	// not supported by utf8_bin in MySQL
+	if (preg_match('/[\x{10000}-\x{10FFFF}]/u', $username))
+	{
+		return 'INVALID_EMOJIS_USERNAME';
+	}
+
 	$sql = 'SELECT group_name
 		FROM ' . GROUPS_TABLE . "
 		WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($username)) . "'";
-- 
cgit v1.2.1