stilbruch
/
tildechan
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

added length restrictions on usernames and passwords for registration

This commit is contained in:
hayden 2019-06-29 19:44:37 -05:00
parent 5e4c6dd7fd
commit 702edc411a
1 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
register.php
View File

@ -19,10 +19,8 @@ if($_SERVER['REQUEST_METHOD'] == 'POST') {
exit();
}
// mysqli_report(MYSQLI_REPORT_ERROR|MYSQLI_REPORT_STRICT);
// assign the form contents to variables
// NOTE: all usernames are converted to lowercase
$username = strtolower($_POST['user'] ?? '');
$password = $_POST['pass'] ?? '';
$password_conf = $_POST["confirm_pass"] ?? '';
@ -33,6 +31,19 @@ if($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($password != $password_conf) failed_register("passwords did not match");
if (strlen($password) > 32)) {
failed_register("passwords can be at most 32 characters long");
}
if (strlen($password) < 8)) {
failed_register("passwords must be at least 8 characters long");
}
if (strlen($username) > 32)) {
failed_register("usernames can be at most 32 characters long");
}
if (strlen($username) < 3)) {
failed_register("usernames must be at least 3 characters long");
}
// Check if the user already exists
$check_user_sql = "SELECT * FROM user WHERE username = ? LIMIT 1";
$stmt = mysqli_prepare($DB_CONN, $check_user_sql);