Commit 814ece2c authored by Leigh Stoller's avatar Leigh Stoller

Check for non-printable and non-ascii characters in CHECKPASSWORD().

parent d5545977
......@@ -486,6 +486,11 @@ function CHECKPASSWORD($uid, $password, $name, $email, &$error)
$error = "";
return 0;
}
# Ascii only.
if (! TBvalid_userdata($password)) {
$error = "Invalid characters; ascii only please";
return 0;
}
$uid = escapeshellarg($uid);
$password = escapeshellarg($password);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment