Welcome to Geeklog Wednesday, July 17 2019 @ 09:13 pm EDT

Geeklog Forums

New function: restricting characters in username


Status: offline

paulmon

Forum User
Newbie
Registered: 22/11/03
Posts: 11
I'm in the process of moving from MyPHPNuke to Geeklog and came across something that left me speechless. It seems Geeklog allows ANY character to be used as a username, including HTML and things like !@#$%^&*()| . So in place of posting and whinning I've come up with a fix. The following function should be placed in lib-custom.php and is based on an equivelent function from MPN. Basically it will allow you three levels of username, loose, medium and strict where strict is more or less only alphanumeric, my preference. To use this function, this is the sucky part, you have to add a line to users.php to call the userCheck function. Not perfect but not the end of the world. This has only been tested on GL 1.3.8.

This doesn't return anything pretty, just a blank page with an error message. If anyone has the time I wouldn't mind seeing this display the error at the top of the user registration page. I just don't have the time, got enough to do to switch my site to Geeklog from MPN.

Up next, MPN forum and link conversion tools.

Enjoy.

Paul


Instructions:

Find the createuser function in users.php, after the following line:

$username = trim ($username);

add a call to the userCheck function:

userCheck($username);

Here's the userCheck function, cut and paste this to the end of your lib-custom.php.



// Based on function userCheck from MyPHPNuke

function userCheck($uname) {
global $_CONF,$_TABLES, $LANG04;

// Set uname_test_level below to choose how strict the check should be.

$uname_test_level = 0;

$strict = "^a-zA-Z0-9_"; // $uname_test_level = 0
$medium = $strict.",.$%#@!'""; // $uname_test_level = 1
$loose = $medium."?{}[]()^&*`~;:+="; // $uname_test_level = 2
switch($uname_test_level) {
case 0:
$restriction = $strict;
break;
case 1:
$restriction = $medium;
break;
case 2:
$restriction = $loose;
break;
}
if ((!$uname) || ($uname=="") || (ereg("[".$restriction."-]",$uname))) {
print 'Invalid username, username can only contain ' . $restriction;
exit;
}
if (strlen($uname) > 25) {
print 'Username can only be a maximum of 25 characters.';
exit;
}
if (eregi("^((root)|(adm)|(linux)|(webmaster)|(admin)|(god)|(administrator)|(administrador)|(nobody)|(anonymous)|(anonimo)|(anónimo)|(operator))$",$uname)) {
print 'Invalid username, username is reserved';
exit;
}
if (strrpos($uname,' ') > 0) {
print 'Username cannot contain spaces';
exit;
}

return $retval;

}

All times are EDT. The time is now 09:13 pm.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content