Limit character set for new usernames
This commit is contained in:
parent
344e7baabc
commit
98af489386
2 changed files with 12 additions and 10 deletions
12
UPGRADING.md
12
UPGRADING.md
|
@ -15,12 +15,14 @@ because it wasn't known if these would show up in barcodes. In more than 13
|
|||
years of real world use, though, it seems that barcodes and usernames with
|
||||
"special" characters are incredibly uncommon.
|
||||
|
||||
Usernames must now only contain the characters from the set `A-Za-z0-9_-`.
|
||||
Existing usernames with special characters can be used by quoting the username.
|
||||
Since `' " \ ;` now have special meanings, they are no longer supported in
|
||||
product IDs. In theory, they could be quoted or escaped, but barcode scanners
|
||||
don't know that. Existing users with those characters in their names can
|
||||
continue to use their accounts by quoting or escaping them.
|
||||
|
||||
Since `'`, `"`, `\`, and `;` now have special meanings, they are no longer
|
||||
supported in product IDs. In theory, they could be quoted or escaped, but
|
||||
barcode scanners don't know that.
|
||||
New usernames must now only contain the characters from the set
|
||||
`A-Z a-z 0-9 _ - + / ^ * [] {}` and the first character must not be any of
|
||||
`- + / ^ *`.
|
||||
|
||||
## Update scripts that run revbank commands
|
||||
|
||||
|
|
|
@ -15,13 +15,13 @@ sub command :Tab(adduser) ($self, $cart, $command, @) {
|
|||
}
|
||||
|
||||
sub username($self, $cart, $name, @) {
|
||||
return REJECT, "Sorry, whitespace is not allowed."
|
||||
if $name =~ /\s/;
|
||||
return REJECT, "Sorry, only A-Z a-z 0-9 _ - + / ^ * [] {} are allowed."
|
||||
if $name !~ /^[A-Za-z0-9_\-+\/\^*\[\]{}-]+\z/;
|
||||
|
||||
return REJECT, "Sorry, invalid first character."
|
||||
if $name =~ /^[-+*]/;
|
||||
return REJECT, "Sorry, - + / ^ * are not allowed as the first character."
|
||||
if $name =~ /^[-+*\/\^]/;
|
||||
|
||||
return REJECT, "That's too numeric to be a user name."
|
||||
return REJECT, "Sorry, that's too numeric to be a user name."
|
||||
if defined parse_amount($name);
|
||||
|
||||
return REJECT, "That name already exists."
|
||||
|
|
Loading…
Add table
Reference in a new issue