From 0c0021d001a88b7f4d9229f55db043fb74187cf4 Mon Sep 17 00:00:00 2001
From: Aina Sitraka <35221835+aynsix@users.noreply.github.com>
Date: Mon, 10 Jun 2024 17:09:57 +0300
Subject: [PATCH] PHRAS-4073: Register form - improvement (#4520)
* sanitize register form
* fix
---
 lib/Alchemy/Phrasea/Authentication/RegistrationService.php | 2 +-
 lib/classes/unicode.php | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/Alchemy/Phrasea/Authentication/RegistrationService.php b/lib/Alchemy/Phrasea/Authentication/RegistrationService.php
index eeaac178fc..91a217bbf7 100644
--- a/lib/Alchemy/Phrasea/Authentication/RegistrationService.php
+++ b/lib/Alchemy/Phrasea/Authentication/RegistrationService.php
@@ -204,7 +204,7 @@ public function registerUser(array $data, array $selectedCollections = null, $pr
 foreach (self::$userPropertySetterMap as $property => $method) {
 if (isset($data[$property])) {
- $user->$method($data[$property]);
+ $user->$method($this->app['unicode']->remove_nonazAZ09($data[$property], true, true, true, true));
 }
 }
diff --git a/lib/classes/unicode.php b/lib/classes/unicode.php
index 2119c745e0..bf3b4fc971 100644
--- a/lib/classes/unicode.php
+++ b/lib/classes/unicode.php
@@ -1643,7 +1643,7 @@ public function remove_diacritics($string)
 return $this->convert($string, static::CONVERT_TO_ND);
 }
- public function remove_nonazAZ09($string, $keep_underscores = true, $keep_minus = true, $keep_dot = false)
+ public function remove_nonazAZ09($string, $keep_underscores = true, $keep_minus = true, $keep_dot = false, $keep_space = false)
 {
 $string = $this->remove_diacritics($string);
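Review bot: The new call inside the `foreach` rewrites every mapped property with `remove_nonazAZ09(..., true, true, true, true)`, which after stripping diacritics silently deletes every character other than ASCII letters, digits, `_`, `-`, `.` and space; a value written in a non-Latin script would likely be reduced to an empty string, and characters such as `'`, `,` or `+` vanish without the user being told. If the aim is to keep markup out of rendered pages, stripping at write time does not replace escaping these values where they are output, and it cannot cover fields that do not pass through this map (not visible here). Consider validating and rejecting bad input rather than rewriting it, and at minimum state the behaviour above the call: `// Lossy: keeps only [a-zA-Z0-9_.- ]; templates must still escape these values.` The contents of `$userPropertySetterMap` and the rest of registerUser are outside the hunk, so which fields are affected should be confirmed.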
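Review bot: `remove_nonazAZ09` now ends in four positional boolean flags and the visible lines carry no docblock, so the caller added in RegistrationService.php (`true, true, true, true`) cannot be read without opening this body. Add a docblock above the signature saying that the function strips diacritics first and then drops every character other than ASCII letters and digits, with one `@param bool` line per flag naming the character it keeps and its default. The function body continues past the end of this hunk.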
@@ -1652,7 +1652,7 @@ public function remove_nonazAZ09($string, $keep_underscores = true, $keep_minus
 for ($i = 0; $i < $l; $i ++) {
 $c = mb_substr($string, $i, 1);
 if(($c>='a'&&$c<='z')||($c>='A'&&$c<='Z')||($c>='0'&&$c<='9')
- ||($keep_underscores&&$c=='_')||($keep_dot&&$c=='.')||($keep_minus&&$c=='-')) {
+ ||($keep_underscores&&$c=='_')||($keep_dot&&$c=='.')||($keep_minus&&$c=='-')||($keep_space&&$c==' ')) {
 $out .= $c;
 }
 }
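Review bot: The loop around this condition reads one character per iteration with `mb_substr($string, $i, 1)`, which in a variable-width encoding has to walk the string from its start on each call, so the cost grows roughly with the square of the input length; with this commit the function runs on every registration field, and no length limit is visible in either file. A single pass should give the same result for UTF-8 input: `$extra = ($keep_underscores ? '_' : '') . ($keep_dot ? '.' : '') . ($keep_minus ? '\-' : '') . ($keep_space ? ' ' : '');` followed by `$out = preg_replace('/[^a-zA-Z0-9' . $extra . ']/', '', $string);`. Leave off the `u` modifier so that malformed UTF-8 is stripped instead of turning the result into `null`. The loop's setup and the function's return are outside the hunk, so check that nothing after the loop depends on `$l` or `$i`.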