From 606bd0be6016993c57744446cd39b666c85e7342 Mon Sep 17 00:00:00 2001 From: Raroun Date: Tue, 30 Jan 2024 15:18:11 +0100 Subject: [PATCH] Check if nickname contains only US-ASCII and do not start with a digit Update Register.php --- src/Module/Register.php | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/src/Module/Register.php b/src/Module/Register.php index def750b3a8..5bf3aff8ff 100644 --- a/src/Module/Register.php +++ b/src/Module/Register.php @@ -284,7 +284,21 @@ class Register extends BaseModule $regdata = ['email' => $arr['email'], 'nickname' => $arr['nickname'], 'username' => $arr['username']]; DI::baseUrl()->redirect('register?' . http_build_query($regdata)); } - + + //Check if nickname contains only US-ASCII and do not start with a digit + if (!preg_match('/^[a-zA-Z][a-zA-Z0-9]*$/', $arr['nickname'])) { + if (is_numeric(substr($arr['nickname'], 0, 1))) { + Logger::info('Nickname with a leading digit not allowed', $arr); + DI::sysmsg()->addNotice(DI::l10n()->t("Nickname cannot start with a digit.")); + } else { + Logger::info('nickname with non us-ascii characters not allowed', $arr); + DI::sysmsg()->addNotice(DI::l10n()->t("Nickname can only contain US-ASCII characters.")); + } + $regdata = ['email' => $arr['email'], 'nickname' => $arr['nickname'], 'username' => $arr['username']]; + DI::baseUrl()->redirect('register?' . http_build_query($regdata)); + return; + } + $arr['blocked'] = $blocked; $arr['verified'] = $verified; $arr['language'] = L10n::detectLanguage($_SERVER, $_GET, DI::config()->get('system', 'language'));