Peter M. Groen / knowledgetree

Commit d9d42c7cea28ef6e1dde2ff894fc1be9b0b4bbe0

Authored by Yusuf Davids
1 parent 75b820a8

KTS-447 

"Validation improvements needed when adding a user or group"
Fixed. Added the preg match function to check for special characters. 

Committed By:Yusuf Davids
Reviewed By:Jalaloedien Abrahams

git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@7616 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 1 changed file with 10 additions and 0 deletions
plugins/ktcore/admin/userManagement.php
  View file @d9d42c7
@@ -500,11 +500,21 @@ class KTUserAdminDispatcher extends KTAdminDispatcher { @@ -500,11 +500,21 @@ class KTUserAdminDispatcher extends KTAdminDispatcher {
500 $this->errorRedirectTo('addUser', _kt("The passwords you specified do not match."), sprintf("old_search=%s&do_search=1", $old_search)); 500 $this->errorRedirectTo('addUser', _kt("The passwords you specified do not match."), sprintf("old_search=%s&do_search=1", $old_search));
501 } 501 }
502 502
  503 + if(preg_match('/[\!\$\#\%\^\&\*]/', $username)){
  504 + $this->errorRedirectTo('addUser', _kt("You have entered an invalid character in your username."));
  505 + }
  506 +
  507 + if(preg_match('/[\!\$\#\%\^\&\*]/', $name)){
  508 + $this->errorRedirectTo('addUser', _kt("You have entered an invalid character in your name."));
  509 + }
  510 +
503 $dupUser =& User::getByUserName($username); 511 $dupUser =& User::getByUserName($username);
504 if(!PEAR::isError($dupUser)) { 512 if(!PEAR::isError($dupUser)) {
505 $this->errorRedirectTo('addUser', _kt("A user with that username already exists")); 513 $this->errorRedirectTo('addUser', _kt("A user with that username already exists"));
506 } 514 }
507 515
  516 +
  517 +
508 $oUser =& User::createFromArray(array( 518 $oUser =& User::createFromArray(array(
509 "sUsername" => $username, 519 "sUsername" => $username,
510 "sName" => $name, 520 "sName" => $name,