Fossil SCM
Disallow user-choosen UserIDs that begin with "anonymous" or other reserved names.
Commit
a7e9dd53ef600974282799011bc7dc3758266b63e9ca51f43104eb679d584ab1
Parent
19e6905cd218ac9…
1 file changed
+7
+7
| --- src/login.c | ||
| +++ src/login.c | ||
| @@ -1990,10 +1990,17 @@ | ||
| 1990 | 1990 | iErrLine = 1; |
| 1991 | 1991 | zErr = "User ID too short. Must be at least 6 characters."; |
| 1992 | 1992 | }else if( sqlite3_strglob("*[^-a-zA-Z0-9_.]*",zUserID)==0 ){ |
| 1993 | 1993 | iErrLine = 1; |
| 1994 | 1994 | zErr = "User ID may not contain spaces or special characters."; |
| 1995 | + }else if( sqlite3_strlike("anonymous%", zUserID, 0)==0 | |
| 1996 | + || sqlite3_strlike("nobody%", zUserID, 0)==0 | |
| 1997 | + || sqlite3_strlike("reader%", zUserID, 0)==0 | |
| 1998 | + || sqlite3_strlike("developer%", zUserID, 0)==0 | |
| 1999 | + ){ | |
| 2000 | + iErrLine = 1; | |
| 2001 | + zErr = "This User ID is reserved. Choose something different."; | |
| 1995 | 2002 | }else if( zDName[0]==0 ){ |
| 1996 | 2003 | iErrLine = 2; |
| 1997 | 2004 | zErr = "Required"; |
| 1998 | 2005 | }else if( zEAddr[0]==0 ){ |
| 1999 | 2006 | iErrLine = 3; |
| 2000 | 2007 |
| --- src/login.c | |
| +++ src/login.c | |
| @@ -1990,10 +1990,17 @@ | |
| 1990 | iErrLine = 1; |
| 1991 | zErr = "User ID too short. Must be at least 6 characters."; |
| 1992 | }else if( sqlite3_strglob("*[^-a-zA-Z0-9_.]*",zUserID)==0 ){ |
| 1993 | iErrLine = 1; |
| 1994 | zErr = "User ID may not contain spaces or special characters."; |
| 1995 | }else if( zDName[0]==0 ){ |
| 1996 | iErrLine = 2; |
| 1997 | zErr = "Required"; |
| 1998 | }else if( zEAddr[0]==0 ){ |
| 1999 | iErrLine = 3; |
| 2000 |
| --- src/login.c | |
| +++ src/login.c | |
| @@ -1990,10 +1990,17 @@ | |
| 1990 | iErrLine = 1; |
| 1991 | zErr = "User ID too short. Must be at least 6 characters."; |
| 1992 | }else if( sqlite3_strglob("*[^-a-zA-Z0-9_.]*",zUserID)==0 ){ |
| 1993 | iErrLine = 1; |
| 1994 | zErr = "User ID may not contain spaces or special characters."; |
| 1995 | }else if( sqlite3_strlike("anonymous%", zUserID, 0)==0 |
| 1996 | || sqlite3_strlike("nobody%", zUserID, 0)==0 |
| 1997 | || sqlite3_strlike("reader%", zUserID, 0)==0 |
| 1998 | || sqlite3_strlike("developer%", zUserID, 0)==0 |
| 1999 | ){ |
| 2000 | iErrLine = 1; |
| 2001 | zErr = "This User ID is reserved. Choose something different."; |
| 2002 | }else if( zDName[0]==0 ){ |
| 2003 | iErrLine = 2; |
| 2004 | zErr = "Required"; |
| 2005 | }else if( zEAddr[0]==0 ){ |
| 2006 | iErrLine = 3; |
| 2007 |