Account registration: Restrict Real Name length · recaptime.dev/phorge@eb380f9

@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge

phorge phabricator

fork

Account registration: Restrict Real Name length

Summary:
Avoid a database exception at user account registration when users enter very long real names by setting a maximum length.
This does not affect existing account data as it is only called in the account registration code.

Fixes T15962

Test Plan: Go to http://phorge.localhost/auth/register/ and enter long values into the "Real Name" field

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: l2dy, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15962

Differential Revision: https://we.phorge.it/D25841

Andre Klapper 1 year ago eb380f92 0bfdcaa0

+15

2 changed files

expand all

src

applications

auth

controller

PhabricatorAuthRegisterController.php

people

storage

PhabricatorUser.php

src/applications/auth/controller/PhabricatorAuthRegisterController.php

··· 342 342 if (!strlen($value_realname) && $require_real_name) { 343 343 $e_realname = pht('Required'); 344 344 $errors[] = pht('Real name is required.'); 345 + } else if ($value_realname && 346 + !PhabricatorUser::validateRealName($value_realname)) { 347 + $e_realname = pht('Invalid'); 348 + $errors[] = PhabricatorUser::describeValidRealName(); 345 349 } else { 346 350 $e_realname = null; 347 351 }

+11

src/applications/people/storage/PhabricatorUser.php

··· 26 26 const SESSION_TABLE = 'phabricator_session'; 27 27 const NAMETOKEN_TABLE = 'user_nametoken'; 28 28 const MAXIMUM_USERNAME_LENGTH = 64; 29 + const MAXIMUM_REALNAME_LENGTH = 256; 29 30 30 31 protected $userName; 31 32 protected $realName; ··· 548 549 } 549 550 550 551 return (bool)preg_match('/^[a-zA-Z0-9._-]*[a-zA-Z0-9_-]\z/', $username); 552 + } 553 + 554 + public static function describeValidRealName() { 555 + return pht( 556 + 'Real Name must have no more than %d characters.', 557 + new PhutilNumber(self::MAXIMUM_REALNAME_LENGTH)); 558 + } 559 + 560 + public static function validateRealName($realname) { 561 + return strlen($realname) <= self::MAXIMUM_REALNAME_LENGTH; 551 562 } 552 563 553 564 public static function getDefaultProfileImageURI() {

Configure Feed

Configure Feed