From 54f0e6ea83591f920ac7b4719213e38f317740ed Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Fri, 3 Nov 2006 17:07:00 +0100
Subject: don't allow commas in full name registration FS#960

darcs-hash:20061103160700-7ad00-01c7039c591ebdffcbe283984b23b2bb4ed4bc74.gz
---
 inc/auth.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'inc')

diff --git a/inc/auth.php b/inc/auth.php
index 29f57b29e..2e9d51767 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -471,8 +471,8 @@ function register(){
   $_POST['login'] = preg_replace('/.*:/','',$_POST['login']);
   $_POST['login'] = cleanID($_POST['login']);
   //clean fullname and email
-  $_POST['fullname'] = trim(preg_replace('/[\x00-\x1f:<>&%]+/','',$_POST['fullname']));
-  $_POST['email']    = trim(preg_replace('/[\x00-\x1f:<>&%]+/','',$_POST['email']));
+  $_POST['fullname'] = trim(preg_replace('/[\x00-\x1f:<>&%,;]+/','',$_POST['fullname']));
+  $_POST['email']    = trim(preg_replace('/[\x00-\x1f:<>&%,;]+/','',$_POST['email']));
 
   if( empty($_POST['login']) ||
       empty($_POST['fullname']) ||
@@ -555,8 +555,8 @@ function updateprofile() {
   }
 
   //clean fullname and email
-  $_POST['fullname'] = trim(preg_replace('/[\x00-\x1f:<>&%]+/','',$_POST['fullname']));
-  $_POST['email']    = trim(preg_replace('/[\x00-\x1f:<>&%]+/','',$_POST['email']));
+  $_POST['fullname'] = trim(preg_replace('/[\x00-\x1f:<>&%,;]+/','',$_POST['fullname']));
+  $_POST['email']    = trim(preg_replace('/[\x00-\x1f:<>&%,;]+/','',$_POST['email']));
 
   if (empty($_POST['fullname']) || empty($_POST['email'])) {
     msg($lang['profnoempty'],-1);
-- 
cgit v1.2.3