From d758c117843dec04b061263095baeea7697b05a4 Mon Sep 17 00:00:00 2001
From: Evan Prodromou
Date: Sun, 22 Jun 2008 14:04:37 -0400
Subject: disallow nicknames on a blacklist
darcs-hash:20080622180437-34904-4b6313f6fd8845232031663c5c2df00dff725183.gz
---
 actions/finishopenidlogin.php | 8 ++++++++
 actions/profilesettings.php | 2 ++
 actions/register.php | 2 ++
 3 files changed, 12 insertions(+)
(limited to 'actions')
diff --git a/actions/finishopenidlogin.php b/actions/finishopenidlogin.php
index 27e5057ec..fe9894e52 100644
--- a/actions/finishopenidlogin.php
+++ b/actions/finishopenidlogin.php
@@ -167,6 +167,11 @@ class FinishopenidloginAction extends Action {
 $this->show_form(_t('Nickname must have only letters and numbers and no spaces.'));
 return;
 }
+
+ if (!User::allowed_nickname($nickname)) {
+ $this->show_form(_t('Nickname not allowed.'));
+ return;
+ }
 if (User::staticGet('nickname', $nickname)) {
 $this->show_form(_t('Nickname already in use. Try another one.'));
@@ -338,6 +343,9 @@ class FinishopenidloginAction extends Action {
 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
 return false;
 }
+ if (!User::allowed_nickname($str)) {
+ return false;
+ }
 if (User::staticGet('nickname', $str)) {
 return false;
 }
diff --git a/actions/profilesettings.php b/actions/profilesettings.php
index 6764ad288..b6e24c729 100644
--- a/actions/profilesettings.php
+++ b/actions/profilesettings.php
@@ -88,6 +88,8 @@ class ProfilesettingsAction extends SettingsAction {
 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
 $this->show_form(_t('Nickname must have only letters and numbers and no spaces.'));
 return;
+ } else if (!User::allowed_nickname($nickname)) {
+ $this->show_form(_t('Not a valid nickname.'));
 } else if (!is_null($homepage) && (strlen($homepage) > 0) && !Validate::uri($homepage, array('allowed_schemes' => array('http', 'https')))) {
 $this->show_form(_t('Homepage is not a valid URL.'));
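Review bot: The blacklist is enforced only at the individual form handlers, here in the first hunk of actions/finishopenidlogin.php and again in its second hunk, in profilesettings.php and in register.php, rather than at the point where a user record is created or updated. Any other code path that sets a nickname would skip the check; whether such a path exists cannot be told from this diff, which is limited to 'actions'. `User::allowed_nickname` itself is not shown, so it is also unclear whether it expects the nickname already lower-cased and trimmed. A call-site comment such as `// blacklist check; $nickname must already be canonicalized (lower-case, trimmed)` would record that assumption, and moving the check into the shared validation or save path would remove the need to repeat it per action.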
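Review bot: The added `allowed_nickname` branch in actions/profilesettings.php shows the form but has no `return;`, whereas the format-check branch directly above it ends in `return;` before the closing brace. If the code after this if/else chain goes on to save the profile, a blacklisted nickname would be reported as invalid and still be stored; the chain and the rest of the method lie outside the hunk, so this is inferred from the visible branch only. Add `return;` after `$this->show_form(_t('Not a valid nickname.'));`. Both hunks in finishopenidlogin.php do return after rejecting the name, so this is the only site that differs.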
diff --git a/actions/register.php b/actions/register.php
index 31c8fea70..16e80ef17 100644
--- a/actions/register.php
+++ b/actions/register.php
@@ -57,6 +57,8 @@ class RegisterAction extends Action {
 $this->show_form(_t('Nickname must have only lowercase letters and numbers and no spaces.'));
 } else if ($this->nickname_exists($nickname)) {
 $this->show_form(_t('Nickname already exists.'));
+ } else if (!User::allowed_nickname($nickname)) {
+ $this->show_form(_t('Not a valid nickname.'));
 } else if ($this->email_exists($email)) {
 $this->show_form(_t('Email address already exists.'));
 } else if ($password != $confirm) {
--
cgit v1.2.3-54-g00ecf
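Review bot: In actions/register.php the blacklist branch sits after `nickname_exists($nickname)`, while both hunks in finishopenidlogin.php test `allowed_nickname` before the uniqueness lookup. With this order a blacklisted name that happens to be registered is answered with 'Nickname already exists.' instead of the blacklist rejection, and the lookup runs for names that will be refused anyway. Move the `} else if (!User::allowed_nickname($nickname)) {` branch above the `nickname_exists` one. The rejection text also differs between flows ('Not a valid nickname.' here, 'Nickname not allowed.' in the OpenID flow), so one shared string would be clearer. The if/else chain starts and ends outside the hunk.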