Diffstat (limited to 'includes')
-rw-r--r--includes/common.inc12
-rw-r--r--includes/user.inc39
2 files changed, 28 insertions, 23 deletions
diff --git a/includes/common.inc b/includes/common.inc
index e52760ec0..2fc7c8a42 100644
--- a/includes/common.inc
+++ b/includes/common.inc
@@ -1,4 +1,4 @@
-<?php
+<?
$na = "<I>na</I>";
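Review bot: Switching the opening tag from `<?php` to `<?` on the first line makes this include depend on the `short_open_tag` setting. On a server where that setting is off the file is not parsed and its contents are sent to the client as plain text, which would disclose the source of everything in common.inc. Keeping `<?php` removes that dependency at no cost. Only the top of the file is visible in this hunk.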
@@ -66,14 +66,6 @@ function check_code($text) {
return $text;
}
-function check_mail($mail) {
- return eregi("^[_+\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}$", $mail) ? 1 : 0;
-}
-
-function check_name($name) {
- return ereg("[^a-zA-Z0-9_-]", $name) ? 0 : 1;
-}
-
function check_preview($text) {
return check_output(check_input($text));
}
@@ -144,7 +136,7 @@ function format_date($timestamp, $type = "medium", $format = "") {
function format_username($username) {
global $user;
- if ($username) return (user_access($user, "account") ? "<A HREF=\"admin.php?mod=account&op=view&name=$username\">$username</A>" : "<A HREF=\"account.php?op=view&name=$username\">$username</A>");
+ if ($username) return (user_access($user, "account") ? "<A HREF=\"admin.php?mod=account&op=view&name=". urlencode($username) ."\">$username</A>" : "<A HREF=\"account.php?op=view&name=". urlencode($username) ."\">$username</A>");
else return variable_get(anonymous, "Anonymous");
}
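Review bot: In `format_username()` the new `urlencode($username)` covers only the query-string value; the visible link text between `>` and `</A>` still prints `$username` raw. URL encoding and HTML escaping are separate output contexts, so if any caller passes a name that has not been through the validators, markup in it would be rendered in the page. The link text should be escaped as well, for example `htmlspecialchars($username)` in both branches of the ternary.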
diff --git a/includes/user.inc b/includes/user.inc
index 082bd3f5e..73d3243bd 100644
--- a/includes/user.inc
+++ b/includes/user.inc
@@ -63,28 +63,41 @@ function user_ban($mask, $type) {
return db_fetch_object($result);
}
-function account_password($min_length=6) {
+function user_password($min_length=6) {
mt_srand((double)microtime() * 1000000);
$words = array("foo","bar","guy","neo","tux","moo","sun","asm","dot","god","axe","geek","nerd","fish","hack","star","mice","warp","moon","hero","cola","girl","fish","java","perl","boss","dark","sith","jedi","drop","mojo");
- while(strlen($password) < $min_length) $password .= $words[mt_rand(0, count($words))];
+ while (strlen($password) < $min_length) $password .= $words[mt_rand(0, count($words))];
return $password;
}
-function account_validate($user) {
- // Verify username and e-mail address:
- if (empty($user[real_email]) || (!check_mail($user[real_email]))) $error = t("the e-mail address '$user[real_email]' is not valid");
- if (empty($user[userid]) || (!check_name($user[userid]))) $error = t("the username '$user[userid]' is not valid");
- if (strlen($user[userid]) > 15) $error = t("the username '$user[userid]' is too long: it must be less than 15 characters");
+function user_validate_name($name) {
+ if (!$name) return t("you must enter a username.");
+ if (eregi("^ ", $name)) return t("the username can not begin with a space.");
+ if (eregi(" \$", $name)) return t("the username can not end with a space.");
+ if (eregi(" ", $name)) return t("the username can not contain multiple spaces in a row.");
+ if (eregi("[^a-zA-Z0-9 ]", $name)) return t("the username contains an illegal character.");
+ if (strlen($name) > 15) return t("the username '$name' is too long: it must be less than 15 characters.");
+}
+
+function user_validate_mail($mail) {
+ if (!$mail) return t("your must enter an e-mail address.");
+ if (!eregi("^[_+\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}$", $mail)) return t("the e-mail address '$email' is not valid.");
+}
+
+function user_validate($user) {
+ // Verify username:
+ if ($error = user_validate_name($user[userid])) return $error;
+
+ // Verify e-mail address:
+ if ($error = user_validate_mail($user[real_email])) return $error;
// Check to see whether the username or e-mail address are banned:
- if ($ban = user_ban($user[userid], "username")) $error = t("the username '$user[userid]' is banned") .": <I>$ban->reason</I>";
- if ($ban = user_ban($user[real_email], "e-mail address")) $error = t("the e-mail address '$user[real_email]' is banned") .": <I>$ban->reason</I>";
+ if ($ban = user_ban($user[userid], "username")) return t("the username '$user[userid]' is banned") .": <I>$ban->reason</I>.";
+ if ($ban = user_ban($user[real_email], "e-mail address")) return t("the e-mail address '$user[real_email]' is banned") .": <I>$ban->reason</I>.";
// Verify whether username and e-mail address are unique:
- if (db_num_rows(db_query("SELECT userid FROM users WHERE LOWER(userid) = LOWER('$user[userid]')")) > 0) $error = t("the username '$user[userid]' is already taken");
- if (db_num_rows(db_query("SELECT real_email FROM users WHERE LOWER(real_email) = LOWER('$user[real_email]')")) > 0) $error = t("the e-mail address '$user[real_email]' is already in use by another account");
-
- return $error;
+ if (db_num_rows(db_query("SELECT userid FROM users WHERE LOWER(userid) = LOWER('$user[userid]')")) > 0) return t("the username '$user[userid]' is already taken.");
+ if (db_num_rows(db_query("SELECT real_email FROM users WHERE LOWER(real_email) = LOWER('$user[real_email]')")) > 0) return t("the e-mail address '$user[real_email]' is already in use by another account.");
}
?> \ No newline at end of file
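Review bot: `user_password()` is renamed here but still builds passwords from a 31-word list with `mt_rand` seeded from `microtime()`, so a six-character minimum yields only roughly a thousand possible values, and `mt_rand(0, count($words))` has an inclusive upper bound that can index one past the end of the array. At minimum it should use `mt_rand(0, count($words) - 1)`, and ideally a much larger output space from a less predictable source. In the added `user_validate_mail()` the error string interpolates `'$email'` while the parameter is `$mail`, so the rejected address is never shown; it should read `'$mail'`, and "your must enter" looks like a typo for "you must enter". The two uniqueness queries at the end of `user_validate()` interpolate `$user[userid]` and `$user[real_email]` directly into the SQL and stay safe only while the `eregi` checks above reject every quote character, so escaping the values at the query itself would be a sturdier guard. `user_ban()`'s body starts outside the hunk.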