hyperzlib
/
nodebb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: #8582

Browse Source
v1.18.x
Barış Soner Uşaklı 5 years ago
parent fb3b4a0293
commit 9f9164a9be
4 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
public/src/utils.js
Unescape Escape View File

@ -385,7 +385,7 @@
},
isUserNameValid: function (name) {
return (name && name !== '' && (/^['"\s\-+.*[\]0-9\u00BF-\u1FFF\u2C00-\uD7FF\w]+$/.test(name)));
return (name && name !== '' && (/^['" \-+.*[\]0-9\u00BF-\u1FFF\u2C00-\uD7FF\w]+$/.test(name)));
},
isPasswordValid: function (password) {

1
src/user/approval.js
Unescape Escape View File

@ -13,6 +13,7 @@ const plugins = require('../plugins');
module.exports = function (User) {
User.addToApprovalQueue = async function (userData) {
userData.username = userData.username.trim();
userData.userslug = utils.slugify(userData.username);
await canQueue(userData);
const hashedPassword = await User.hashPassword(userData.password);

17
test/user.js
Unescape Escape View File

@ -1805,6 +1805,23 @@ describe('User', function () {
});
});
});
it('should trim username and add user to registration queue', function (done) {
helpers.registerUser({
username: 'invalidname\r\n',
password: '123456',
'password-confirm': '123456',
email: 'invalidtest@test.com',
gdpr_consent: true,
}, function (err) {
assert.ifError(err);
db.getSortedSetRange('registration:queue', 0, -1, function (err, data) {
assert.ifError(err);
assert.equal(data[0], 'invalidname');
done();
});
});
});
});
describe('invites', function () {

20
test/utils.js
Unescape Escape View File

@ -63,10 +63,30 @@ describe('Utility Methods', function () {
assert.equal(utils.isUserNameValid(username), false, 'accepted as valid username');
});
it('should reject new lines', function () {
assert.equal(utils.isUserNameValid('myusername\r\n'), false);
});
it('should reject new lines', function () {
assert.equal(utils.isUserNameValid('myusername\n'), false);
});
it('should reject tabs', function () {
assert.equal(utils.isUserNameValid('myusername\t'), false);
});
it('accepts square brackets', function () {
var username = '[best clan] julian';
assert(utils.isUserNameValid(username), 'invalid username');
});
it('accepts regular username', function () {
assert(utils.isUserNameValid('myusername'), 'invalid username');
});
it('accepts quotes', function () {
assert(utils.isUserNameValid('baris "the best" usakli'), 'invalid username');
});
});
describe('email validation', function () {

Write Preview
Loading…
Cancel
Save