diff --git a/htdocs/admin/users/add.php b/htdocs/admin/users/add.php index 5d1e7585001232fe2849b7685ceaf1cabc203603..70d7e368e0dc11d7aa0a82630afbdbf4b768a83e 100644 --- a/htdocs/admin/users/add.php +++ b/htdocs/admin/users/add.php @@ -88,7 +88,10 @@ $elements = array( 'username' => array( 'type' => 'text', 'title' => get_string('username'), - 'rules' => array('required' => true), + 'rules' => array( + 'required' => true, + 'maxlength' => 236, + ), ), 'password' => array( 'type' => 'text', @@ -172,8 +175,15 @@ function adduser_validate(Pieform $form, $values) { $email = $values['email']; $password = $values['password']; - if (method_exists($authobj, 'is_username_valid') && !$authobj->is_username_valid($username)) { - $form->set_error('username', get_string('usernameinvalidform', 'auth.internal')); + if (method_exists($authobj, 'is_username_valid_admin')) { + if (!$authobj->is_username_valid_admin($username)) { + $form->set_error('username', get_string('usernameinvalidadminform', 'auth.internal')); + } + } + else if (method_exists($authobj, 'is_username_valid')) { + if (!$authobj->is_username_valid($username)) { + $form->set_error('username', get_string('usernameinvalidform', 'auth.internal')); + } } if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', strtolower($username))) { $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal')); diff --git a/htdocs/admin/users/edit.php b/htdocs/admin/users/edit.php index 1161d4452bc7a1e51825ec9c43ec6ca61eabf8cd..582fb771aaade8bb283f39b355c9070da20289ee 100644 --- a/htdocs/admin/users/edit.php +++ b/htdocs/admin/users/edit.php @@ -61,6 +61,9 @@ if (method_exists($authobj, 'change_username')) { 'title' => get_string('changeusername', 'admin'), 'description' => get_string('changeusernamedescription', 'admin'), 'defaultvalue' => $user->username, + 'rules' => array( + 'maxlength' => 236, + ), ); } @@ -184,6 +187,40 @@ function edituser_site_validate(Pieform $form, $values) { $SESSION->add_error_msg(get_string('maxquotaexceeded', 'artefact.file', display_size($maxquota))); } + $userobj = new User(); + $userobj = $userobj->find_by_id($user->id); + + if (isset($values['username']) && !empty($values['username']) && $values['username'] != $userobj->username) { + + if (!isset($values['authinstance'])) { + $authobj = AuthFactory::create($userobj->authinstance); + } + else { + $authobj = AuthFactory::create($values['authinstance']); + } + + if (method_exists($authobj, 'change_username')) { + + if (method_exists($authobj, 'is_username_valid_admin')) { + if (!$authobj->is_username_valid_admin($values['username'])) { + $form->set_error('username', get_string('usernameinvalidadminform', 'auth.internal')); + } + } + else if (method_exists($authobj, 'is_username_valid')) { + if (!$authobj->is_username_valid($values['username'])) { + $form->set_error('username', get_string('usernameinvalidform', 'auth.internal')); + } + } + + if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', strtolower($values['username']))) { + $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal')); + } + } + else { + $form->set_error('username', get_string('usernamechangenotallowed', 'admin')); + } + } + // Check that the external username isn't already in use if (isset($values['remoteusername']) && $usedby = get_record_select('auth_remote_user', diff --git a/htdocs/admin/users/uploadcsv.php b/htdocs/admin/users/uploadcsv.php index bf7366529eb8b9fa82d499214a137dbf026baa95..c5f20e0ecfe06432633bace7131b4f63e2eedabe 100644 --- a/htdocs/admin/users/uploadcsv.php +++ b/htdocs/admin/users/uploadcsv.php @@ -208,8 +208,15 @@ function uploadcsv_validate(Pieform $form, $values) { $authobj = AuthFactory::create($authinstance); - if (method_exists($authobj, 'is_username_valid') && !$authobj->is_username_valid($username)) { - $CSVERRORS[] = get_string('uploadcsverrorinvalidusername', 'admin', $i); + if (method_exists($authobj, 'is_username_valid_admin')) { + if (!$authobj->is_username_valid_admin($username)) { + $CSVERRORS[] = get_string('uploadcsverrorinvalidusername', 'admin', $i); + } + } + else if (method_exists($authobj, 'is_username_valid')) { + if (!$authobj->is_username_valid($username)) { + $CSVERRORS[] = get_string('uploadcsverrorinvalidusername', 'admin', $i); + } } if (record_exists_select('usr', 'LOWER(username) = ?', strtolower($username)) || isset($usernames[strtolower($username)])) { $CSVERRORS[] = get_string('uploadcsverroruseralreadyexists', 'admin', $i, $username); diff --git a/htdocs/auth/internal/lang/en.utf8/auth.internal.php b/htdocs/auth/internal/lang/en.utf8/auth.internal.php index d7a20d3118c6fe8d57200101ae0cb3b0578ddd50..c4cac805186e8ed7a6f49ea253e136fcc501f17c 100644 --- a/htdocs/auth/internal/lang/en.utf8/auth.internal.php +++ b/htdocs/auth/internal/lang/en.utf8/auth.internal.php @@ -63,4 +63,5 @@ $string['registrationnosuchkey'] = 'Sorry, there does not seem to be a registrat $string['registrationunsuccessful'] = 'Sorry, your registration attempt was unsuccessful. This is our fault, not yours. Please try again later.'; $string['usernamealreadytaken'] = 'Sorry, this username is already taken'; $string['usernameinvalidform'] = 'Usernames may contain letters, numbers and most common symbols, and must be from 3 to 30 characters in length. Spaces are not allowed.'; +$string['usernameinvalidadminform'] = 'Usernames may contain letters, numbers and most common symbols, and must be from 3 to 236 characters in length. Spaces are not allowed.'; $string['youmaynotregisterwithouttandc'] = 'You may not register unless you agree to abide by the Terms and Conditions';