diff --git a/signup/signup-handler.php b/signup/signup-handler.php index 80ebfe4..86ddb1c 100644 --- a/signup/signup-handler.php +++ b/signup/signup-handler.php @@ -65,10 +65,21 @@ if (isset($_REQUEST["username"]) && isset($_REQUEST["email"])) { $name = trim($_REQUEST["username"]); if ($name == "") $message .= "
  • please fill in your desired username
    • "; + if (strlen($name) > 32) $message .= "
  • username too long (32 character max)
    • "; + if (!preg_match('/^[a-z][a-z0-9]{2,31}$/', $name)) $message .= "
  • username contains invalid characters (lowercase only, must start with a letter)
    • "; + + if ($_REQUEST["sshkey"] == "") + $message .= '
  • ssh key required: please create one and submit the public key. ' + . 'see our ssh wiki or ' + . 'hop on irc and ask for help
    • '; + + if ($_REQUEST["interest"] == "") + $message .= "
  • please explain why you're interested so we can make sure you're a real human being
    • "; + if (posix_getpwnam($name) || forbidden_name($name)) $message .= "
  • sorry, the username $name is unavailable
    • "; @@ -84,25 +95,20 @@ if (isset($_REQUEST["username"]) && isset($_REQUEST["email"])) { $message .= "
  • invalid email address. did you mean: " . htmlspecialchars($result["email"]) . "
    • "; } - if ($_REQUEST["sshkey"] == "") { - $message .= "
  • ssh key required: please create one and submit the public key
    • "; - } - - if ($message == "") { // no validation errors + // no validation errors + if ($message == "") { $msgbody = " -desired username: {$_REQUEST["username"]} -contact email: {$_REQUEST["email"]} +username: {$_REQUEST["username"]} +email: {$_REQUEST["email"]} reason: {$_REQUEST["interest"]} -ssh key: -{$_REQUEST["sshkey"]} makeuser {$_REQUEST["username"]} {$_REQUEST["email"]} \"{$_REQUEST["sshkey"]}\" "; if (mail('sudoers', 'new tilde.team signup', $msgbody)) { echo ''; } else { echo '