summaryrefslogtreecommitdiffstats
path: root/application/controllers
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2012-04-09 14:02:21 +0200
committerFlorian Pritz <bluewind@xinu.at>2012-04-09 20:48:19 +0200
commit0c444bfb9b1ae8b43a27973d8893693b5c40ac21 (patch)
treec13d0e092677d582e6d4b095de994ca5dbab03d7 /application/controllers
parentec1a30e1bc2c33db485140c51591126078425512 (diff)
user/register: restrict username to a-z0-9
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application/controllers')
-rw-r--r--application/controllers/user.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/application/controllers/user.php b/application/controllers/user.php
index 67c3ccbb7..06ecc50dd 100644
--- a/application/controllers/user.php
+++ b/application/controllers/user.php
@@ -137,8 +137,8 @@ class User extends CI_Controller {
$password = $this->input->post("password");
$password_confirm = $this->input->post("password_confirm");
- if (!$username) {
- $error[]= "Invalid username.";
+ if (!$username || !preg_match("/^[a-z0-9]+$/", $username)) {
+ $error[]= "Invalid username (only a-z0-9 are allowed).";
}
$this->load->helper("email");