From fd5d406cee52da3aa28475b2418c1787e3489da2 Mon Sep 17 00:00:00 2001
From: Florian Pritz <bluewind@xinu.at>
Date: Mon, 9 Apr 2012 14:03:48 +0200
Subject: user/register: restrict username to max 32 chars

The db field is 32 chars long.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
---
 application/controllers/user.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'application')

diff --git a/application/controllers/user.php b/application/controllers/user.php
index 06ecc50dd..94791a5c0 100644
--- a/application/controllers/user.php
+++ b/application/controllers/user.php
@@ -137,7 +137,7 @@ class User extends CI_Controller {
 			$password = $this->input->post("password");
 			$password_confirm = $this->input->post("password_confirm");
 
-			if (!$username || !preg_match("/^[a-z0-9]+$/", $username)) {
+			if (!$username || strlen($username) > 32 || !preg_match("/^[a-z0-9]+$/", $username)) {
 				$error[]= "Invalid username (only a-z0-9 are allowed).";
 			}
 
-- 
cgit v1.2.3-24-g4f1b