r22266 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r22265‎ | r22266 | r22267 >
Date:19:55, 19 May 2007
Author:robchurch
Status:old
Tags:
Comment:
(bug 9813) Reject usernames containing '#' to avoid silent truncation of fragments during the normalisation process

This adds an explicit check to User::getCanonicalName() which is required to run before title normalisation, since it's too late once that's been done. This won't affect existing accounts.
Modified paths:
  • /trunk/phase3/RELEASE-NOTES (modified) (history)
  • /trunk/phase3/includes/User.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/User.php
@@ -531,6 +531,12 @@
532532 global $wgContLang;
533533 $name = $wgContLang->ucfirst( $name );
534534
 535+ # Reject names containing '#'; these will be cleaned up
 536+ # with title normalisation, but then it's too late to
 537+ # check elsewhere
 538+ if( strpos( $name, '#' ) !== false )
 539+ return false;
 540+
535541 # Clean up name according to title rules
536542 $t = Title::newFromText( $name );
537543 if( is_null( $t ) ) {
Index: trunk/phase3/RELEASE-NOTES
@@ -69,6 +69,8 @@
7070 * (bug 1229) Balance columns in diff display evenly
7171 * Right-align diff line numbers in RTL language display
7272 * (bug 9332) Fix instructions in tests/README
 73+* (bug 9813) Reject usernames containing '#' to avoid silent truncation
 74+ of fragments during the normalisation process
7375
7476 == MediaWiki API changes since 1.10 ==
7577