added length restrictions on usernames and passwords for registration
This commit is contained in:
parent
5e4c6dd7fd
commit
702edc411a
15
register.php
15
register.php
|
@ -19,10 +19,8 @@ if($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|||
exit();
|
||||
}
|
||||
|
||||
// mysqli_report(MYSQLI_REPORT_ERROR|MYSQLI_REPORT_STRICT);
|
||||
// assign the form contents to variables
|
||||
// NOTE: all usernames are converted to lowercase
|
||||
|
||||
$username = strtolower($_POST['user'] ?? '');
|
||||
$password = $_POST['pass'] ?? '';
|
||||
$password_conf = $_POST["confirm_pass"] ?? '';
|
||||
|
@ -33,6 +31,19 @@ if($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|||
|
||||
if ($password != $password_conf) failed_register("passwords did not match");
|
||||
|
||||
if (strlen($password) > 32)) {
|
||||
failed_register("passwords can be at most 32 characters long");
|
||||
}
|
||||
if (strlen($password) < 8)) {
|
||||
failed_register("passwords must be at least 8 characters long");
|
||||
}
|
||||
if (strlen($username) > 32)) {
|
||||
failed_register("usernames can be at most 32 characters long");
|
||||
}
|
||||
if (strlen($username) < 3)) {
|
||||
failed_register("usernames must be at least 3 characters long");
|
||||
}
|
||||
|
||||
// Check if the user already exists
|
||||
$check_user_sql = "SELECT * FROM user WHERE username = ? LIMIT 1";
|
||||
$stmt = mysqli_prepare($DB_CONN, $check_user_sql);
|
||||
|
|
Loading…
Reference in New Issue