login: replace unsupported characters in user names

author Mischa POSLAWSKY <perl@shiar.org>

Tue, 19 Jun 2018 16:54:43 +0000 (18:54 +0200)

committer Mischa POSLAWSKY <perl@shiar.org>

Tue, 19 Jun 2018 18:57:08 +0000 (20:57 +0200)
author Mischa POSLAWSKY <perl@shiar.org>
Tue, 19 Jun 2018 16:54:43 +0000 (18:54 +0200)
committer Mischa POSLAWSKY <perl@shiar.org>
Tue, 19 Jun 2018 18:57:08 +0000 (20:57 +0200)
diff --git a/auth.inc.php b/auth.inc.php

index 2edfa7a0ef3012db39bcf50d5d7b1a83988b10a3..030a394e0b7904db90320b5643d5f274ddbeda4f 100644 (file)
--- a/auth.inc.php
+++ b/auth.inc.php
@@ -24,7 +24,7 @@ function login($inuser, $inpass = NULL)
         }
  
         # find password data by user name
-       $userdir = 'profile/'.strtolower($inuser);
+       $userdir = 'profile/'.preg_replace('/[^a-z0-9]+/', '-', strtolower($inuser));
         $pwfile = "$userdir/.passwd";
         if (!file_exists($pwfile)) return;
         $usertest = trim(file_get_contents($pwfile));
author	Mischa POSLAWSKY <perl@shiar.org>
	Tue, 19 Jun 2018 16:54:43 +0000 (18:54 +0200)
committer	Mischa POSLAWSKY <perl@shiar.org>
	Tue, 19 Jun 2018 18:57:08 +0000 (20:57 +0200)