zinricky
/
tilde.team
forked from team/site
1
0
Fork 0
Code Pull Requests Activity

check against reserved usernames

This commit is contained in:
Ben Harris 2018-06-20 12:02:28 -04:00
parent bb0fad1213
commit a0357d0178
2 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
signup/signup-handler.php
View File

@ -4,6 +4,8 @@ require __DIR__.'/../vendor/autoload.php';
if ($_SERVER["SERVER_NAME"] != "localhost")
require_once "/home/ben/ultimate-email/support/smtp.php";
$reserved_names = ['git', 'irc', 'mail', 'pad', 'sudo', 'root', 'admin', 'postmaster', 'paste', 'quotes'];
$message = "";
if (isset($_REQUEST["username"]) && isset($_REQUEST["email"])) {
// Check the name.
@ -14,7 +16,7 @@ if (isset($_REQUEST["username"]) && isset($_REQUEST["email"])) {
$message .= "<li>username too long (32 character max)</li>";
if (!preg_match('/^[A-Za-z][A-Za-z0-9]{2,31}$/', $name))
$message .= "<li>username contains invalid characters (lowercase only, must start with a letter)</li>";
if (posix_getpwnam($name))
if (posix_getpwnam($name) || in_array($name, $reserved_names))
$message .= "<li>sorry, the username $name is unavailable</li>";
// Check the e-mail address.

2
wiki/index.php
View File

@ -22,7 +22,7 @@ if (!isset($_GET["page"]) || !file_exists("pages/{$_GET['page']}.md")) {
<meta property='og:title' content='$title'>
<meta property='og:type' content='website'>
<meta property='og:image' content='https://tilde.team/apple-icon.png'>
<meta property='og:url' content='https://tilde.team/{$_SERVER['REQUEST_URI']}'>
<meta property='og:url' content='https://tilde.team{$_SERVER['REQUEST_URI']}'>
<meta property='og:description' content='tilde.team wiki'>
<meta property='og:site_name' content='tilde.team wiki'>
";