add constants for USER/PASS/REAL length ( partially raised in 0008596:…

… Unable to log in using username with more than 32 characters )
mantisbt · Nov 30, 2008 · 80bcdfc · 80bcdfc
1 parent 0a2a806
commit 80bcdfc
Show file tree

Hide file tree

Showing 9 changed files with 25 additions and 20 deletions.
diff --git a/account_page.php b/account_page.php
@@ -154,7 +154,7 @@
 			<?php } ?>
 		</td>
 		<td>
-			<input type="password" size="32" maxlength="32" name="password" />
+			<input type="password" size="32" maxlength="<?php echo PASSLEN;?>" name="password" />
 		</td>
 	</tr>
 
@@ -167,7 +167,7 @@
 			<?php } ?>
 		</td>
 		<td>
-			<input type="password" size="32" maxlength="32" name="password_confirm" />
+			<input type="password" size="32" maxlength="<?php echo PASSLEN;?>" name="password_confirm" />
 		</td>
 	</tr>
 
@@ -205,7 +205,7 @@
 			<?php echo lang_get( 'realname' ) ?>
 		</td>
 		<td>
-			<input type="text" size="32" maxlength="64" name="realname" value="<?php echo string_attribute( $u_realname ) ?>" />
+			<input type="text" size="32" maxlength="<?php echo REALLEN;?>" name="realname" value="<?php echo string_attribute( $u_realname ) ?>" />
 		</td>
 	</tr>
 

diff --git a/core/authentication_api.php b/core/authentication_api.php
@@ -380,7 +380,7 @@ function auth_does_password_match( $p_user_id, $p_test_password ) {
  * @param string $p_password
  * @param string $p_salt salt, defaults to null
  * @param string $p_method logon method, defaults to null (use config login method)
- * @return string processed password, maximum 32 chars in length
+ * @return string processed password, maximum PASSLEN chars in length
  * @access public
  */
  function auth_process_plain_password( $p_password, $p_salt = null, $p_method = null ) {
@@ -406,8 +406,8 @@ function auth_process_plain_password( $p_password, $p_salt = null, $p_method = n
 			break;
 	}
 
-	# cut this off to 32 cahracters which the largest possible string in the database
-	return substr( $t_processed_password, 0, 32 );
+	# cut this off to PASSLEN cahracters which the largest possible string in the database
+	return substr( $t_processed_password, 0, PASSLEN );
 }
 
 /**
@@ -685,12 +685,12 @@ function auth_reauthenticate_page( $p_user_id, $p_username ) {
 
 <tr class="row-1">
 	<td class="category"><?php echo lang_get( 'username' );?></td>
-	<td><input type="text" disabled="disabled" size="32" maxlength="32" value="<?php echo $p_username;?>" /></td>
+	<td><input type="text" disabled="disabled" size="32" maxlength="<?php echo USERLEN;?>" value="<?php echo $p_username;?>" /></td>
 </tr>
 
 <tr class="row-2">
 	<td class="category"><?php echo lang_get( 'password' );?></td>
-	<td><input type="password" name="password" size="16" maxlength="32" /></td>
+	<td><input type="password" name="password" size="16" maxlength="<?php echo PASSLEN;?>" /></td>
 </tr>
 
 <tr>

diff --git a/core/constant_inc.php b/core/constant_inc.php
@@ -468,3 +468,8 @@
 define( 'PHPMAILER_METHOD_MAIL',		0 );
 define( 'PHPMAILER_METHOD_SENDMAIL',	1 );
 define( 'PHPMAILER_METHOD_SMTP',		2 );
+
+# Lengths - NOTE: these may represent hard-coded values in db schema and should not be changed.
+define( 'USERLEN', 32);
+define( 'REALLEN', 64);
+define( 'PASSLEN', 32);
diff --git a/core/user_api.php b/core/user_api.php
@@ -283,8 +283,8 @@ function user_ensure_realname_valid( $p_realname ) {
 # Return true if it is, false otherwise
 function user_is_name_valid( $p_username ) {
 
-	# The DB field is only 32 characters
-	if( strlen( $p_username ) > 32 ) {
+	# The DB field is hard-coded. USERLEN should not be modified.
+	if( strlen( $p_username ) > USERLEN ) {
 		return false;
 	}
 

diff --git a/login_page.php b/login_page.php
@@ -99,15 +99,15 @@
 		<?php echo lang_get( 'username' ) ?>
 	</td>
 	<td width="75%">
-		<input type="text" name="username" size="32" maxlength="32" />
+		<input type="text" name="username" size="32" maxlength="<?php echo USERLEN;?>" />
 	</td>
 </tr>
 <tr class="row-2">
 	<td class="category">
 		<?php echo lang_get( 'password' ) ?>
 	</td>
 	<td>
-		<input type="password" name="password" size="16" maxlength="32" />
+		<input type="password" name="password" size="16" maxlength="<?php echo PASSLEN;?>" />
 	</td>
 </tr>
 <tr class="row-1">

diff --git a/lost_pwd_page.php b/lost_pwd_page.php
@@ -56,7 +56,7 @@
 		<?php echo lang_get( 'username' ) ?>
 	</td>
 	<td width="75%">
-		<input type="text" name="username" size="32" maxlength="32" />
+		<input type="text" name="username" size="32" maxlength="<?php echo USERLEN;?>" />
 	</td>
 </tr>
 <tr class="row-2">

diff --git a/manage_user_create_page.php b/manage_user_create_page.php
@@ -49,15 +49,15 @@
 		<?php echo lang_get( 'username' ) ?>
 	</td>
 	<td width="75%">
-		<input type="text" name="username" size="32" maxlength="32" />
+		<input type="text" name="username" size="32" maxlength="<?php echo USERLEN;?>" />
 	</td>
 </tr>
 <tr <?php echo helper_alternate_class() ?>>
 	<td class="category">
 		<?php echo lang_get( 'realname' ) ?>
 	</td>
 	<td>
-		<input type="text" name="realname" size="32" maxlength="32" />
+		<input type="text" name="realname" size="32" maxlength="<?php echo REALLEN;?>" />
 	</td>
 </tr>
 <tr <?php echo helper_alternate_class() ?>>
@@ -76,15 +76,15 @@
 		<?php echo lang_get( 'password' ) ?>
 	</td>
 	<td>
-		<input type="password" name="password" size="32" maxlength="32" />
+		<input type="password" name="password" size="32" maxlength="<?php echo PASSLEN;?>" />
 	</td>
 </tr>
 <tr <?php echo helper_alternate_class() ?>>
 	<td class="category">
 		<?php echo lang_get( 'verify_password' ) ?>
 	</td>
 	<td>
-		<input type="password" name="password_verify" size="32" maxlength="32" />
+		<input type="password" name="password_verify" size="32" maxlength="<?php echo PASSLEN;?>" />
 	</td>
 </tr>
 <?php

diff --git a/manage_user_edit_page.php b/manage_user_edit_page.php
@@ -72,7 +72,7 @@
 		<?php echo lang_get( 'username' ) ?>:
 	</td>
 	<td width="70%">
-		<input type="text" size="16" maxlength="32" name="username" value="<?php echo $t_user['username'] ?>" />
+		<input type="text" size="16" maxlength="<?php echo USERLEN;?>" name="username" value="<?php echo $t_user['username'] ?>" />
 	</td>
 </tr>
 
@@ -82,7 +82,7 @@
 		<?php echo lang_get( 'realname' ) ?>:
 	</td>
 	<td width="70%">
-		<input type="text" size="16" maxlength="100" name="realname" value="<?php echo string_attribute( $t_user['realname'] ) ?>" />
+		<input type="text" size="16" maxlength="<?php echo REALLEN;?>" name="realname" value="<?php echo string_attribute( $t_user['realname'] ) ?>" />
 	</td>
 </tr>
 

diff --git a/signup_page.php b/signup_page.php
@@ -51,7 +51,7 @@
 		<?php echo lang_get( 'username' ) ?>:
 	</td>
 	<td width="70%" colspan="2">
-		<input type="text" name="username" size="32" maxlength="32" />
+		<input type="text" name="username" size="32" maxlength="<?php echo USERLEN;?>" />
 	</td>
 </tr>
 <tr class="row-2">