- Patch #266488 by Damien Tournoud: cleanup for user_validate_name().

32afb329 · Dries · 66ddfda7 · 32afb329 · 32afb329
Commit 32afb329 authored Jun 27, 2008 by Dries
--- a/modules/user/user.module
+++ b/modules/user/user.module
@@ -356,11 +356,21 @@ function user_save($account, $array = array(), $category = 'account') {
 * Verify the syntax of the given name.
 */
 function user_validate_name($name) {
-  if (!strlen($name)) return t('You must enter a username.');
-  if (substr($name, 0, 1) == ' ') return t('The username cannot begin with a space.');
-  if (substr($name, -1) == ' ') return t('The username cannot end with a space.');
-  if (strpos($name, '  ') !== FALSE) return t('The username cannot contain multiple spaces in a row.');
-  if (ereg("[^\x80-\xF7 [:alnum:]@_.-]", $name)) return t('The username contains an illegal character.');
+  if (!$name) {
+    return t('You must enter a username.');
+  }
+  if (substr($name, 0, 1) == ' ') {
+    return t('The username cannot begin with a space.');
+  }
+  if (substr($name, -1) == ' ') {
+    return t('The username cannot end with a space.');
+  }
+  if (strpos($name, '  ') !== FALSE) {
+    return t('The username cannot contain multiple spaces in a row.');
+  }
+  if (preg_match('/[^\x{80}-\x{F7} a-z0-9@_.\'-]/i', $name)) {
+    return t('The username contains an illegal character.');
+  }
  if (preg_match('/[\x{80}-\x{A0}' .         // Non-printable ISO-8859-1 + NBSP
                   '\x{AD}' .                // Soft-hyphen
                   '\x{2000}-\x{200F}' .     // Various space characters
@@ -369,12 +379,13 @@ function user_validate_name($name) {
                   '\x{FEFF}' .              // Byte order mark
                   '\x{FF01}-\x{FF60}' .     // Full-width latin
                   '\x{FFF9}-\x{FFFD}' .     // Replacement characters
-                   '\x{0}]/u',               // NULL byte
+                   '\x{0}-\x{1F}]/u',        // NULL byte and control characters
                   $name)) {
    return t('The username contains an illegal character.');
  }
-  if (strpos($name, '@') !== FALSE && !eregi('@([0-9a-z](-?[0-9a-z])*.)+[a-z]{2}([zmuvtg]|fo|me)?$', $name)) return t('The username is not a valid authentication ID.');
-  if (strlen($name) > USERNAME_MAX_LENGTH) return t('The username %name is too long: it must be %max characters or less.', array('%name' => $name, '%max' => USERNAME_MAX_LENGTH));
+  if (drupal_strlen($name) > USERNAME_MAX_LENGTH) {
+    return t('The username %name is too long: it must be %max characters or less.', array('%name' => $name, '%max' => USERNAME_MAX_LENGTH));
+  }
 }

 function user_validate_mail($mail) {
@@ -1401,7 +1412,7 @@ function user_edit_form(&$form_state, $uid, $edit, $register = FALSE) {
      '#title' => t('Username'),
      '#default_value' => $edit['name'],
      '#maxlength' => USERNAME_MAX_LENGTH,
-      '#description' => t('Spaces are allowed; punctuation is not allowed except for periods, hyphens, and underscores.'),
+      '#description' => t('Spaces are allowed; punctuation is not allowed except for periods, hyphens, apostrophes, and underscores.'),
      '#required' => TRUE,
    );
  }

--- a/modules/user/user.test
+++ b/modules/user/user.test
@@ -126,19 +126,19 @@ class UserValidationTestCase extends DrupalWebTestCase {
      'foo@-example.com'       => array('Valid username', 'assertNull'), // invalid domains are allowed in usernames
      'þòøÇßªř€'               => array('Valid username', 'assertNull'),
      'ᚠᛇᚻ᛫ᛒᛦᚦ'                => array('Valid UTF8 username', 'assertNull'), // runes
-      ' foo'                   => array('Username that starts with a space', 'assertNotNull'),
-      'foo '                   => array('Username that ends with a space', 'assertNotNull'),
-      'foo  bar'               => array('Username that contains 2 spaces \'&nbsp;&nbsp;\'', 'assertNotNull'),
-      ''                       => array('Empty username', 'assertNotNull'),
-      'foo/'                   => array('Invalid chars in username', 'assertNotNull'),
-      'foo' . chr(0) . 'bar'   => array('chr(0) in username', 'assertNotNull'), // NULL
-      'foo' . chr(13) . 'bar'  => array('chr(13) in username', 'assertNotNull'), // CR
-      str_repeat('x', USERNAME_MAX_LENGTH + 1) => array('Excessively long username', 'assertNotNull'),
+      ' foo'                   => array('Invalid username that starts with a space', 'assertNotNull'),
+      'foo '                   => array('Invalid username that ends with a space', 'assertNotNull'),
+      'foo  bar'               => array('Invalid username that contains 2 spaces \'&nbsp;&nbsp;\'', 'assertNotNull'),
+      ''                       => array('Invalid empty username', 'assertNotNull'),
+      'foo/'                   => array('Invalid username containing invalid chars', 'assertNotNull'),
+      'foo' . chr(0) . 'bar'   => array('Invalid username containing chr(0)', 'assertNotNull'), // NULL
+      'foo' . chr(13) . 'bar'  => array('Invalid username containing chr(13)', 'assertNotNull'), // CR
+      str_repeat('x', USERNAME_MAX_LENGTH + 1) => array('Invalid excessively long username', 'assertNotNull'),
    );
    foreach ($test_cases as $name => $test_case) {
      list($description, $test) = $test_case;
      $result = user_validate_name($name);
-      $this->$test($result, $description . ' ('. $name . '). %s');
+      $this->$test($result, $description . ' ('. $name . ')');
    }
  }

@@ -152,7 +152,7 @@ class UserValidationTestCase extends DrupalWebTestCase {
    foreach ($test_cases as $name => $test_case) {
      list($description, $test) = $test_case;
      $result = user_validate_mail($name);
-      $this->$test($result, $description . ' (' . $name . '). %s');
+      $this->$test($result, $description . ' (' . $name . ')');
    }
  }
 }