diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2006-11-03 17:07:00 +0100 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2006-11-03 17:07:00 +0100 |
| commit | 54f0e6ea83591f920ac7b4719213e38f317740ed (patch) | |
| tree | d54380f65cfa5e92b716371aa5b574662a4291a7 /inc/auth.php | |
| parent | ee7b5a6202608290324cb28c5f555ed797f24fc4 (diff) | |
| download | rpg-54f0e6ea83591f920ac7b4719213e38f317740ed.tar.gz rpg-54f0e6ea83591f920ac7b4719213e38f317740ed.tar.bz2 | |
don't allow commas in full name registration FS#960
darcs-hash:20061103160700-7ad00-01c7039c591ebdffcbe283984b23b2bb4ed4bc74.gz
Diffstat (limited to 'inc/auth.php')
| -rw-r--r-- | inc/auth.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/inc/auth.php b/inc/auth.php index 29f57b29e..2e9d51767 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -471,8 +471,8 @@ function register(){ $_POST['login'] = preg_replace('/.*:/','',$_POST['login']); $_POST['login'] = cleanID($_POST['login']); //clean fullname and email - $_POST['fullname'] = trim(preg_replace('/[\x00-\x1f:<>&%]+/','',$_POST['fullname'])); - $_POST['email'] = trim(preg_replace('/[\x00-\x1f:<>&%]+/','',$_POST['email'])); + $_POST['fullname'] = trim(preg_replace('/[\x00-\x1f:<>&%,;]+/','',$_POST['fullname'])); + $_POST['email'] = trim(preg_replace('/[\x00-\x1f:<>&%,;]+/','',$_POST['email'])); if( empty($_POST['login']) || empty($_POST['fullname']) || @@ -555,8 +555,8 @@ function updateprofile() { } //clean fullname and email - $_POST['fullname'] = trim(preg_replace('/[\x00-\x1f:<>&%]+/','',$_POST['fullname'])); - $_POST['email'] = trim(preg_replace('/[\x00-\x1f:<>&%]+/','',$_POST['email'])); + $_POST['fullname'] = trim(preg_replace('/[\x00-\x1f:<>&%,;]+/','',$_POST['fullname'])); + $_POST['email'] = trim(preg_replace('/[\x00-\x1f:<>&%,;]+/','',$_POST['email'])); if (empty($_POST['fullname']) || empty($_POST['email'])) { msg($lang['profnoempty'],-1); |