From 0b26a9cd485d5b1ed509d9da998780d8b658eb8a Mon Sep 17 00:00:00 2001
From: Cflip <36554078+cflip@users.noreply.github.com>
Date: Sat, 23 Jan 2021 11:56:41 -0700
Subject: Improved validation in signup page
---
register.php | 46 ++++++++++++++++++++++++++++++++++++++--------
1 file changed, 38 insertions(+), 8 deletions(-)
diff --git a/register.php b/register.php
index d167c2e..a318170 100644
--- a/register.php
+++ b/register.php
@@ -11,15 +11,32 @@
+
30) {
$errors[] = "Your username must be 30 characters or less.";
}
+
+ if (username_exists($dbc, $user_name) !== false) {
+ $errors[] = "The username '" . $user_name . "' has already been taken by another user.";
+ }
}
if (empty($_POST['user_pass'])) {
$errors[] = "You must provide a password.";
} else {
- $user_pass = validate($_POST['user_pass']);
- $pass_check = validate($_POST['user_pass_check']);
+ $user_pass = $_POST['user_pass'];
+ $pass_check = $_POST['user_pass_check'];
+
+ if (preg_match("/^[a-zA-Z0-9\W]*$/", $user_name) === false) {
+ $errors[] = "Password contains invalid characters!";
+ }
+
if ($user_pass !== $pass_check) {
$errors[] = "The two passwords do not match.";
}
--
cgit v1.2.3