auth admin: validate username

diff --git a/ipf/auth/admin.php b/ipf/auth/admin.php
index 380dc4660802c28ae9aa5ed66a974a2bc928012a..e7fe4e28806e5c46774788cce8169c16a5c42aa4 100644 (file)
--- a/ipf/auth/admin.php
+++ b/ipf/auth/admin.php
@@ -32,11 +32,12 @@ class UserForm extends \IPF_ObjectForm
     {
         $this->isAdd = $extra['is_add'];
 
-        $this->fields['username'] = new \IPF_Form_Field_Varchar(array(
+        $this->fields['username'] = new \IPF_Form_Field_Regex(array(
             'required'    => true,
             'max_length'  => 32,
             'label'       => __('Username'),
             'help_text'   => __('Required. 32 characters or less. Alphanumeric characters only (letters, digits and underscores).'),
+            'regex'       => '/^[a-zA-Z0-9_]{1,32}$/',
         ));
 
         $this->fields['password1'] = new \IPF_Form_Field_Varchar(array(

diff --git a/ipf/form/field/regex.php b/ipf/form/field/regex.php
new file mode 100644 (file)
index 0000000..a530dff
--- /dev/null
+++ b/ipf/form/field/regex.php
@@ -0,0 +1,24 @@
+<?php
+
+class IPF_Form_Field_Regex extends IPF_Form_Field
+{
+    public $widget = 'IPF_Form_Widget_TextInput';
+    public $regex = '/.*/';
+    public $error_message = null;
+
+    public function clean($value)
+    {
+        parent::clean($value);
+        if (in_array($value, $this->empty_values)) {
+            return '';
+        }
+        if (!preg_match($this->regex, $value)) {
+            $error_message = $this->error_message;
+            if (!$error_message)
+                $error_message = __('Invalid value');
+            throw new IPF_Exception_Form($error_message);
+        }
+        return $value;
+    }
+}
+