Skip to content
Permalink
Browse files

allow all ISO-8859-1 letters in user names and passwords; updates #212

  • Loading branch information...
following5 committed Aug 31, 2015
1 parent 8420688 commit 1fdeacb145320e2136627073e39acce47bc36551

Large diffs are not rendered by default.

Oops, something went wrong.
@@ -23,11 +23,13 @@
define('RE_INSERT_AUTOUUID', 8); // if empty, UUID is generated by before insert trigger (not supported for primary key fields)
define('RE_INSERT_NOW', 16); // NOW()
define('REGEX_USERNAME', '^[a-zA-Z0-9\.\-_@äüöÄÜÖ=)(\/\\\&*+~#][a-zA-Z0-9\.\-_ @äüöÄÜÖ=)(\/\\\&*+~#]{1,58}[a-zA-Z0-9\.\-_@äüöÄÜÖ=)(\/\\\&*+~#]$'); // if chars changed, ajust webchat.php // // min. 4 -> 3 chars -- following 2012-8-6
define('REGEX_PASSWORD', '^[a-zA-Z0-9\.\-_ @äüöÄÜÖ=)(\/\\\&*+~#]{3,60}$');
define('REGEX_LAST_NAME', '^[a-zA-Z][a-zA-Z0-9\.\- äüöÄÜÖ]{1,59}$');
define('REGEX_FIRST_NAME', '^[a-zA-Z][a-zA-Z0-9\.\- äüöÄÜÖ]{1,59}$');
define('REGEX_STATPIC_TEXT', '^[a-zA-Z0-9\.\-_ @äüöÄÜÖß=)(\/\\\&*\$+~#!§%;,-?:\[\]{}¹²³\'\"`\|µ°\%]{0,30}$');
define('EUROPEAN_LETTERS', 'A-Za-zÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿ');
// ASCII + ISO-8859-1 0xC0..0xFF; if chars change, adjust webchat.php
define('REGEX_USERNAME', '^['.EUROPEAN_LETTERS.'0-9\.\-_@=)(\/\\\&*+~#]['.EUROPEAN_LETTERS.'0-9\.\-_ @=)(\/\\\&*+~#]{1,58}['.EUROPEAN_LETTERS.'0-9\.\-_@=)(\/\\\&*+~#]$');
define('REGEX_PASSWORD', '^['.EUROPEAN_LETTERS.'0-9\.\-_ @=)(\/\\\&*+~#]{3,60}$');
define('REGEX_LAST_NAME', '^['.EUROPEAN_LETTERS.']['.EUROPEAN_LETTERS.'0-9\.\- ]{1,58}['.EUROPEAN_LETTERS.'0-9\.]$');
define('REGEX_FIRST_NAME', REGEX_LAST_NAME);
define('REGEX_STATPIC_TEXT', '^['.EUROPEAN_LETTERS.'0-9\.\-_ @=)(\/\\\&*\$+~#!§%;,-?:\[\]{}¹²³\'\"`\|µ°\%]{0,30}$');
define('ADMIN_TRANSLATE', 1); // edit translation
define('ADMIN_MAINTAINANCE', 2); // check table etc.
@@ -51,8 +51,8 @@ function change()
// set user properties
if (isset($_REQUEST['username']))
{
$tpl->assign('username', $_REQUEST['username']);
if (!$user->setUsername($_REQUEST['username']))
$tpl->assign('username', trim($_REQUEST['username']));
if (!$user->setUsername(trim($_REQUEST['username'])))
{
$tpl->assign('usernameErrorInvalidChars', true);
$bError = true;
@@ -61,8 +61,8 @@ function change()
if (isset($_REQUEST['firstName']))
{
$tpl->assign('firstName', $_REQUEST['firstName']);
if (!$user->setFirstName($_REQUEST['firstName']))
$tpl->assign('firstName', trim($_REQUEST['firstName']));
if (!$user->setFirstName(trim($_REQUEST['firstName'])))
{
$tpl->assign('firstNameError', true);
$bError = true;
@@ -71,8 +71,8 @@ function change()
if (isset($_REQUEST['lastName']))
{
$tpl->assign('lastName', $_REQUEST['lastName']);
if (!$user->setLastName($_REQUEST['lastName']))
$tpl->assign('lastName', trim($_REQUEST['lastName']));
if (!$user->setLastName(trim($_REQUEST['lastName'])))
{
$tpl->assign('lastNameError', true);
$bError = true;
@@ -29,7 +29,7 @@
{if $edit==true}
<input type="text" name="username" class="public-setting" value="{$username|escape}" maxlength="60" size="30" />
{if $usernameErrorInvalidChars==true}
<span class="errormsg">{t}The username is not valid.{/t}</span>
<span class="errormsg">{t}The username contains invalid characters.{/t}</span>
{elseif $errorUsernameExist==true}
<span class="errormsg">{t}There already exists an account with that username.{/t}</span>
{/if}
@@ -13,8 +13,7 @@
<li>{t}Do not use common geocaching words{/t}</li>
<li>{t}Do not use dictionary words like 'master'{/t}</li>
<li>{t}Do not use easy-to-guess number and letter sequences like '123456' or 'qwerty'{/t}</i>
<li>{t}Not all special characters are allowed. You may only use{/t}<br />
{t}a-z A-Z 0-9 and .-_ @&auml;&uuml;&ouml;&Auml;&Uuml;&Ouml;=)(/\&amp;*+~#{/t}</li>
<li>{t}Not all characters are allowed. You may only use latin-European letters, 0-9 and .-_ @=)(/\&amp;*+~#.{/t}</li>
</ul>
{t}This rules ensures that your password cannot be guessed by an automated script.{/t}
</span>
@@ -33,14 +33,15 @@
/*
* OC allows alphanumeric chars in username and
* . - _ @ ä ü ö Ä Ü Ö = ) ( / \ & * + ~ #
* OC allows ISO-8859-1 letters in usernames and
* 0-9 . - _ @ = ) ( / \ & * + ~ #
*
* IRC allows alphanumeric chars in nick and:
* _ - \ [ ] { } ^ ` |
* IRC allows ASCII letters in nick and
* 0-9 _ - \ [ ] { } ^ ` |
*
* so we have to convert the following chars before urlencoding it:
* . @ ä ü ö Ä Ü Ö = ) ( / & * + ~ #
* . @ = ) ( / & * + ~ #
* ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿ
*/
/*
@@ -51,20 +52,11 @@ function urlEncodeString($string)
{
return translateString(
$string,
// chars/encodings allowed in username see const REGEX_USERNAME
// . - _ @ ä ü ö Ä Ü Ö = ) ( / \ & * + ~ #
// (ajust if regex is changed)
array(
'.' => '%2E',
'-' => '%2D',
'_' => '%5F',
'@' => '%40',
'ä' => '%E4',
'ü' => '%FC',
'ö' => '%F6',
'Ä' => '%C4',
'Ü' => '%DC',
'Ö' => '%D6',
'=' => '%3D',
')' => '%29',
'(' => '%28',
@@ -91,12 +83,6 @@ function ircConvertString($string)
array(
'.' => '',
'@' => '{at}',
'ä' => 'ae',
'ü' => 'ue',
'ö' => 'oe',
'Ä' => 'Ae',
'Ü' => 'Ue',
'Ö' => 'Oe',
'=' => '-',
')' => '}',
'(' => '{',
@@ -106,6 +92,70 @@ function ircConvertString($string)
'+' => '',
'~' => '-',
'#' => '',
'À' => 'A',
'Á' => 'A',
'Â' => 'A',
'Ã' => 'A',
'Ä' => 'Ae',
'Å' => 'A',
'Æ' => 'AE',
'Ç' => 'C',
'È' => 'E',
'É' => 'E',
'Ê' => 'E',
'Ë' => 'E',
'Ì' => 'I',
'Í' => 'I',
'Î' => 'I',
'Ï' => 'I',
'Ð' => 'D',
'Ñ' => 'N',
'Ò' => 'O',
'Ó' => 'O',
'Ô' => 'O',
'Õ' => 'O',
'Ö' => 'Oe',
'×' => 'x',
'Ø' => 'O',
'Ù' => 'U',
'Ú' => 'U',
'Û' => 'U',
'Ü' => 'Ue',
'Ý' => 'Y',
'Þ' => '',
'ß' => 'ss',
'à' => 'a',
'á' => 'a',
'â' => 'a',
'ã' => 'a',
'ä' => 'ae',
'å' => 'a',
'æ' => 'ae',
'ç' => 'c',
'è' => 'e',
'é' => 'e',
'ê' => 'e',
'ë' => 'e',
'ì' => 'i',
'í' => 'i',
'î' => 'i',
'ï' => 'i',
'ð' => 'd',
'ñ' => 'n',
'ò' => 'o',
'ó' => 'o',
'ô' => 'o',
'õ' => 'o',
'ö' => 'oe',
'÷' => '',
'ø' => 'o',
'ù' => 'u',
'ú' => 'u',
'û' => 'u',
'ü' => 'ue',
'ý' => 'y',
'þ' => '',
'ÿ' => 'y',
));
}

0 comments on commit 1fdeacb

Please sign in to comment.
You can’t perform that action at this time.