05-30-2016, 11:09 AM
Hi,
I'm currently testing the registration form and the Username requires "No Spaces or Special Characters - Min 5 characters", but there is no check for spaces or special chars. Thus I included an new rule in "join.php", i.e.
And in "Validate.php" I then added:
<pre></pre>
Further, I found that it is not possible to use passwords containing some special chars, e.g. mypassword§${3bc1fe685386cc4c3ab89a3f76566d8931e181ad17f08aed9ad73b30bf28114d}, the validation says "Password and Confirm must match". Thus I found in "Validate.php" that the "$value" is sanitized, which is essentially the "htmlentities" check in "helpers.php". But, for the "match" case "$source[$rule_value]" is not sanitized. Thus I simply applied the sanitize function to "$source[$rule_value]" and everything works fine.
Cheers,
Sebastian
I'm currently testing the registration form and the Username requires "No Spaces or Special Characters - Min 5 characters", but there is no check for spaces or special chars. Thus I included an new rule in "join.php", i.e.
Code:
'no_special_char' => true,<pre>
Code:
case 'no_special_char':
if (!ctype_alnum($value)) {
$this->addError(["{$display} must not contain special characters or spaces.",$item]);
}
break;Further, I found that it is not possible to use passwords containing some special chars, e.g. mypassword§${3bc1fe685386cc4c3ab89a3f76566d8931e181ad17f08aed9ad73b30bf28114d}, the validation says "Password and Confirm must match". Thus I found in "Validate.php" that the "$value" is sanitized, which is essentially the "htmlentities" check in "helpers.php". But, for the "match" case "$source[$rule_value]" is not sanitized. Thus I simply applied the sanitize function to "$source[$rule_value]" and everything works fine.
Cheers,
Sebastian
