From b08408c086b25e0ada4e07e4fc25b7ec25a860a1 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Sun, 21 Oct 2018 08:28:24 -0400 Subject: [PATCH] Add safeguard for username_min|max_length mutual exclusion --- src/Model/User.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/Model/User.php b/src/Model/User.php index 71c1306b8e..2fda6aac28 100644 --- a/src/Model/User.php +++ b/src/Model/User.php @@ -469,8 +469,15 @@ class User $username_min_length = max(1, min(255, intval(Config::get('system', 'username_min_length', 0)))); $username_max_length = max(1, min(255, intval(Config::get('system', 'username_max_length', 0)))); + if ($username_min_length > $username_max_length) { + logger(L10n::t('system.username_min_length (%s) and system.username_max_length (%s) are excluding each other, swapping values.', $username_min_length, $username_max_length), LOGGER_WARNING); + $tmp = $username_min_length; + $username_min_length = $username_max_length; + $username_max_length = $tmp; + } + if (mb_strlen($username) < $username_min_length) { - throw new Exception(L10n::tt('Username should be at least %s character.', 'Username should be at least %s character.', $username_min_length)); + throw new Exception(L10n::tt('Username should be at least %s character.', 'Username should be at least %s characters.', $username_min_length)); } if (mb_strlen($username) > $username_max_length) { -- 2.39.5