diff options
author | Florian Pritz <bluewind@xinu.at> | 2012-04-09 14:02:21 +0200 |
---|---|---|
committer | Florian Pritz <bluewind@xinu.at> | 2012-04-09 20:48:19 +0200 |
commit | 0c444bfb9b1ae8b43a27973d8893693b5c40ac21 (patch) | |
tree | c13d0e092677d582e6d4b095de994ca5dbab03d7 /application/controllers | |
parent | ec1a30e1bc2c33db485140c51591126078425512 (diff) |
user/register: restrict username to a-z0-9
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application/controllers')
-rw-r--r-- | application/controllers/user.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/application/controllers/user.php b/application/controllers/user.php index 67c3ccbb7..06ecc50dd 100644 --- a/application/controllers/user.php +++ b/application/controllers/user.php @@ -137,8 +137,8 @@ class User extends CI_Controller { $password = $this->input->post("password"); $password_confirm = $this->input->post("password_confirm"); - if (!$username) { - $error[]= "Invalid username."; + if (!$username || !preg_match("/^[a-z0-9]+$/", $username)) { + $error[]= "Invalid username (only a-z0-9 are allowed)."; } $this->load->helper("email"); |