diff options
Diffstat (limited to 'src/models')
| -rw-r--r-- | src/models/Auth.class.php | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/models/Auth.class.php b/src/models/Auth.class.php index 975c25f..25570bf 100644 --- a/src/models/Auth.class.php +++ b/src/models/Auth.class.php @@ -21,6 +21,18 @@ class Auth { } return self::$users[$uid]; } + + public static function isNameLegal($name) { + // Current rules: + // * Not in "$illegal_names" + // * Does not contain '.' + // * Less <256 characters + $illegal_names = array('', 'new', 'index'); + return true + && (!in_array($name, $illegal_names)) + && (strpos($name,'.')===false) + && (strlen($name)<=256); + } protected $db = null; protected $uid = false; @@ -106,6 +118,7 @@ class Auth { } public function setName($new_name) { if (!$this->canEdit()) return false; + if (!self::isNameLegal($new_name)) return false; return $this->db->setUsername($this->uid, $new_name); } |