Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Piwik::checkValidLoginString(): allow "@" in login #1762

Closed
anonymous-piwik-user opened this Issue · 8 comments

3 participants

Anonymous Piwik user Anthon Pang Matthieu Aubry
Anonymous Piwik user

Currently, piwik explicitely forbid use of "@" in a user login. (only [a-zA-Z0-9-._] are allowed )

It doesn't make much sense to forbid the "@" and it make it impossible to integrate piwik with any service where the login is the email (such as lot of LDAP setup).

Anonymous Piwik user

Fixing this bug is really easy :

core/Piwik.php, line 1595

replace:

&& (preg_match('/^[A-Za-z0-9_.-]*$/', $userLogin) > 0))

By

&& (preg_match('/^[@A-Za-z0-9_.-]*$/', $userLogin) > 0))

Anonymous Piwik user

(I've tested it and it works great)

Anthon Pang
Collaborator

re: LDAP. Is this change necessary, given the LDAP plugin in #734?

Anonymous Piwik user

I guess it is because it looks like the http_auth plugin is more interesting anyway. Ldap is only use to do authentification, piwik still do the authorization.

Comments in the bug related to the http_auth plugin seems to think the same;-)

Matthieu Aubry
Owner

increasing priority, as it makes sense to allow @ in logins

Matthieu Aubry
Owner

(In [3381]) Fixes #1762

Anthon Pang
Collaborator

(In [3388]) refs #1762 - fix unit test

Anthon Pang
Collaborator

(In [3646]) fixes #1970, refs #1762 - add more unit tests

Anonymous Piwik user anonymous-piwik-user added this to the Piwik 1.1 milestone
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.