diff options
| author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2005-10-12 11:34:38 +0000 |
|---|---|---|
| committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2005-10-12 11:34:38 +0000 |
| commit | 3318c3ebfd1c5de95b49a139268db4b42336d478 (patch) | |
| tree | 5f77b04c2a758b9eef23236b55a4e59d728f8914 | |
| parent | 38b4fdea8538100a6135369b7200ac22f66a08a0 (diff) | |
| download | wordpress-mu-3318c3ebfd1c5de95b49a139268db4b42336d478.tar.gz wordpress-mu-3318c3ebfd1c5de95b49a139268db4b42336d478.tar.xz wordpress-mu-3318c3ebfd1c5de95b49a139268db4b42336d478.zip | |
Only allow numbers and letters in the username
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@400 7be80a69-a1ef-0310-a953-fb0f7c49ff36
| -rw-r--r-- | wp-inst/wp-newblog.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/wp-inst/wp-newblog.php b/wp-inst/wp-newblog.php index 8ecba63..af79611 100644 --- a/wp-inst/wp-newblog.php +++ b/wp-inst/wp-newblog.php @@ -142,6 +142,10 @@ switch( $_POST[ 'stage' ] ) } $newBlogID = sanitize_title($_POST['weblog_id']); + preg_match( "/[a-zA-Z0-9]+/", $newBlogID, $maybe ); + if( $newBlogID != $maybe[0] ) { + $errormsg[ 'weblog_id' ] = "Only letters and numbers allowed"; + } if( in_array( $newBlogID, $illegal_names ) == true ) { $errormsg[ 'weblog_id' ] = "That name is not allowed"; } |