@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.)
hq.recaptime.dev/wiki/Phorge
phorge
phabricator
Raise an error if a user tries to register with an excessively long username
Summary: Fixes T2348. We should probably do some of this more broadly, but can tackle them one at a time as they arise, since many fields have no effective length limit.
Test Plan: {F54126}
Reviewers: btrahan, asherkin
Reviewed By: asherkin
CC: aran
Maniphest Tasks: T2348
Differential Revision: https://secure.phabricator.com/D6744
+10
-2
+10
-2
src/applications/people/storage/PhabricatorUser.php
+10
-2
src/applications/people/storage/PhabricatorUser.php
···
9
9
10
10
const SESSION_TABLE = 'phabricator_session';
11
11
const NAMETOKEN_TABLE = 'user_nametoken';
12
+
const MAXIMUM_USERNAME_LENGTH = 64;
12
13
13
14
protected $phid;
14
15
protected $userName;
···
689
690
}
690
691
691
692
public static function describeValidUsername() {
692
-
return 'Usernames must contain only numbers, letters, period, underscore '.
693
-
'and hyphen, and can not end with a period.';
693
+
return pht(
694
+
'Usernames must contain only numbers, letters, period, underscore and '.
695
+
'hyphen, and can not end with a period. They must have no more than %d '.
696
+
'characters.',
697
+
new PhutilNumber(self::MAXIMUM_USERNAME_LENGTH));
694
698
}
695
699
696
700
public static function validateUsername($username) {
···
700
704
// - Routing rule for "/p/username/".
701
705
// - Unit tests, obviously.
702
706
// - describeValidUsername() method, above.
707
+
708
+
if (strlen($username) > self::MAXIMUM_USERNAME_LENGTH) {
709
+
return false;
710
+
}
703
711
704
712
return (bool)preg_match('/^[a-zA-Z0-9._-]*[a-zA-Z0-9_-]$/', $username);
705
713
}