fixes #4406: validate username for max chars

diff --git a/engine/lib/users.php b/engine/lib/users.php
index f1d42e25e73491e7f6264e00d7cc191b0d8ed4f9..79a054938de8cbd2b705180f4613af653b7f6f78 100644 (file)
--- a/engine/lib/users.php
+++ b/engine/lib/users.php
@@ -810,6 +810,12 @@ function validate_username($username) {
                $msg = elgg_echo('registration:usernametooshort', array($CONFIG->minusername));
                throw new RegistrationException($msg);
        }
+       
+       // username in the database has a limit of 128 characters
+       if (strlen($username) > 128) {
+               $msg = elgg_echo('registration:usernametoolong', array(128));
+               throw new RegistrationException($msg);
+       }
 
        // Blacklist for bad characters (partially nicked from mediawiki)
        $blacklist = '/[' .

diff --git a/languages/en.php b/languages/en.php
index 14df3db3406e348a9b53dd26812bfc4fba0e2151..25edfa14929e9a9f322ae61bb80c32b976f7894f 100644 (file)
--- a/languages/en.php
+++ b/languages/en.php
@@ -503,6 +503,7 @@ $english = array(
        'registration:notemail' => 'The email address you provided does not appear to be a valid email address.',
        'registration:userexists' => 'That username already exists',
        'registration:usernametooshort' => 'Your username must be a minimum of %u characters long.',
+       'registration:usernametoolong' => 'Your username is too long it can have a maximum of %u characters.',
        'registration:passwordtooshort' => 'The password must be a minimum of %u characters long.',
        'registration:dupeemail' => 'This email address has already been registered.',
        'registration:invalidchars' => 'Sorry, your username contains the character %s which is invalid. The following characters are invalid: %s',