author | Luke Shumaker <LukeShu@sbcglobal.net> | 2011-09-30 18:26:21 -0400 |
---|---|---|
committer | Luke Shumaker <LukeShu@sbcglobal.net> | 2011-09-30 18:26:21 -0400 |
commit | 50bbd4a6a7294546c0fe3c455f4c728e5d0701d0 (patch) | |
tree | 24a34e790ee7f28cd05104acdda984c705664d07 /src/models | |
parent | 74f3131207496cd2351b828faead37bfa319d024 (diff) |
Move username validation from the Users controller to the Auth model.
Diffstat (limited to 'src/models')
-rw-r--r-- | src/models/Auth.class.php | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/models/Auth.class.php b/src/models/Auth.class.php
index 975c25f..25570bf 100644
--- a/src/models/Auth.class.php
+++ b/src/models/Auth.class.php
@@ -21,6 +21,18 @@ class Auth {
 }
 return self::$users[$uid];
 }
+
+ public static function isNameLegal($name) {
+ // Current rules:
+ // * Not in "$illegal_names"
+ // * Does not contain '.'
+ // * Less <256 characters
+ $illegal_names = array('', 'new', 'index');
+ return true
+ && (!in_array($name, $illegal_names))
+ && (strpos($name,'.')===false)
+ && (strlen($name)<=256);
+ }
 protected $db = null;
 protected $uid = false;
@@ -106,6 +118,7 @@ class Auth {
 }
 public function setName($new_name) {
 if (!$this->canEdit()) return false;
+ if (!self::isNameLegal($new_name)) return false;
 return $this->db->setUsername($this->uid, $new_name);
 }
|
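Review bot: The length rule in `isNameLegal` disagrees with its own comment: the comment says fewer than 256 characters, but `strlen($name)<=256` accepts a 256-byte name, and `strlen` counts bytes rather than characters. Pick one bound that matches the username column (not visible here) and state it, e.g. `&& (strlen($name)<256)`. The reserved-name test is also case-sensitive and loosely compared, so `New` or `INDEX` pass and would presumably collide with `new`/`index` if the routing or the database collation is case-insensitive; `in_array(strtolower($name), $illegal_names, true)` behind an `is_string($name)` guard would close that. Since this is a denylist, anything other than `.` (slashes, whitespace, control characters) is still accepted; if names end up in URLs or paths, an allowlist pattern would be the safer rule.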
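Review bot: `setName` now returns `false` for two unrelated reasons, a failed `canEdit()` and a rejected name, so a caller cannot tell an authorization denial from a validation error and may report or log the wrong one. At minimum document it above the method, e.g. `// Returns false if the caller may not edit this user OR the name fails Auth::isNameLegal().` The new check also covers only the rename path shown here; the user-creation code is outside this diff (the diffstat is limited to src/models), so confirm it calls `Auth::isNameLegal()` as well, otherwise reserved names could still be registered at sign-up.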