Martin Atkins (mart) wrote in lj_dev,
Martin Atkins
mart
lj_dev

FIX: Check canonical username against reserved usernames

create.bml was comparing $FORM{'user'} against @LJ::PROTECTED_USERNAMES rather than $user, which has been shoved through LJ::canonical_username. The affect of this was that people could create lj_whatever by using hyphen instead of an underscore.

My patch fixes this by comparing against the canonicalised version instead.

I also rearranged the checks so that the "you must enter a username" thing can work on the canonicalised version, to reduce such oversights in the future. The canonical vs entered check had to go first because LJ::canonical_username returns an empty string if the username is invalid.

Simple stuff. I can't leave it running on my goathack because that machine will be in pain during the day tomorrow, I reckon. I'm sure you can see by the patch that it works, anyway... it's not exactly complicated.

Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 4 comments