Welcome to Geeklog, Anonymous Thursday, October 10 2024 @ 01:26 am EDT
Geeklog Forums
New function: restricting characters in username
Status: offline
paulmon
Forum User
Newbie
Registered: 11/22/03
Posts: 11
I'm in the process of moving from MyPHPNuke to Geeklog and came across something that left me speechless. It seems Geeklog allows ANY character to be used as a username, including HTML and things like !@#$%^&*()| . So in place of posting and whinning I've come up with a fix. The following function should be placed in lib-custom.php and is based on an equivelent function from MPN. Basically it will allow you three levels of username, loose, medium and strict where strict is more or less only alphanumeric, my preference. To use this function, this is the sucky part, you have to add a line to users.php to call the userCheck function. Not perfect but not the end of the world. This has only been tested on GL 1.3.8.
This doesn't return anything pretty, just a blank page with an error message. If anyone has the time I wouldn't mind seeing this display the error at the top of the user registration page. I just don't have the time, got enough to do to switch my site to Geeklog from MPN.
Up next, MPN forum and link conversion tools.
Enjoy.
Paul
Instructions:
Find the createuser function in users.php, after the following line:
$username = trim ($username);
add a call to the userCheck function:
userCheck($username);
Here's the userCheck function, cut and paste this to the end of your lib-custom.php.
// Based on function userCheck from MyPHPNuke
function userCheck($uname) {
global $_CONF,$_TABLES, $LANG04;
// Set uname_test_level below to choose how strict the check should be.
$uname_test_level = 0;
$strict = "^a-zA-Z0-9_"; // $uname_test_level = 0
$medium = $strict.",.$%#@!'""; // $uname_test_level = 1
$loose = $medium."?{}[]()^&*`~;:+="; // $uname_test_level = 2
switch($uname_test_level) {
case 0:
$restriction = $strict;
break;
case 1:
$restriction = $medium;
break;
case 2:
$restriction = $loose;
break;
}
if ((!$uname) || ($uname=="") || (ereg("[".$restriction."-]",$uname))) {
print 'Invalid username, username can only contain ' . $restriction;
exit;
}
if (strlen($uname) > 25) {
print 'Username can only be a maximum of 25 characters.';
exit;
}
if (eregi("^((root)|(adm)|(linux)|(webmaster)|(admin)|(god)|(administrator)|(administrador)|(nobody)|(anonymous)|(anonimo)|(anónimo)|(operator))$",$uname)) {
print 'Invalid username, username is reserved';
exit;
}
if (strrpos($uname,' ') > 0) {
print 'Username cannot contain spaces';
exit;
}
return $retval;
}
This doesn't return anything pretty, just a blank page with an error message. If anyone has the time I wouldn't mind seeing this display the error at the top of the user registration page. I just don't have the time, got enough to do to switch my site to Geeklog from MPN.
Up next, MPN forum and link conversion tools.
Enjoy.
Paul
Instructions:
Find the createuser function in users.php, after the following line:
$username = trim ($username);
add a call to the userCheck function:
userCheck($username);
Here's the userCheck function, cut and paste this to the end of your lib-custom.php.
// Based on function userCheck from MyPHPNuke
function userCheck($uname) {
global $_CONF,$_TABLES, $LANG04;
// Set uname_test_level below to choose how strict the check should be.
$uname_test_level = 0;
$strict = "^a-zA-Z0-9_"; // $uname_test_level = 0
$medium = $strict.",.$%#@!'""; // $uname_test_level = 1
$loose = $medium."?{}[]()^&*`~;:+="; // $uname_test_level = 2
switch($uname_test_level) {
case 0:
$restriction = $strict;
break;
case 1:
$restriction = $medium;
break;
case 2:
$restriction = $loose;
break;
}
if ((!$uname) || ($uname=="") || (ereg("[".$restriction."-]",$uname))) {
print 'Invalid username, username can only contain ' . $restriction;
exit;
}
if (strlen($uname) > 25) {
print 'Username can only be a maximum of 25 characters.';
exit;
}
if (eregi("^((root)|(adm)|(linux)|(webmaster)|(admin)|(god)|(administrator)|(administrador)|(nobody)|(anonymous)|(anonimo)|(anónimo)|(operator))$",$uname)) {
print 'Invalid username, username is reserved';
exit;
}
if (strrpos($uname,' ') > 0) {
print 'Username cannot contain spaces';
exit;
}
return $retval;
}
11
10
Quote
All times are EDT. The time is now 01:26 am.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content