diff options
Diffstat (limited to 'OpenSim/Server')
-rw-r--r-- | OpenSim/Server/Handlers/Web/WebServerConnector.cs | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/OpenSim/Server/Handlers/Web/WebServerConnector.cs b/OpenSim/Server/Handlers/Web/WebServerConnector.cs index cbfee3a..c4a0531 100644 --- a/OpenSim/Server/Handlers/Web/WebServerConnector.cs +++ b/OpenSim/Server/Handlers/Web/WebServerConnector.cs | |||
@@ -391,7 +391,8 @@ namespace OpenSim.Server.Handlers.Web | |||
391 | if (("https://" + m_domain + ":" + m_https_port.ToString() + "/web/account.html") != headers["referer"].ToString()) | 391 | if (("https://" + m_domain + ":" + m_https_port.ToString() + "/web/account.html") != headers["referer"].ToString()) |
392 | errors.Add("Invalid referer."); | 392 | errors.Add("Invalid referer."); |
393 | 393 | ||
394 | validateName(false, fields, ref errors); | 394 | // Include a check for god names if we are creating a new account. |
395 | string[] names = validateName(("create" == doit) || ("confirm" == doit), fields, ref errors); | ||
395 | 396 | ||
396 | if ("logout" == doit) | 397 | if ("logout" == doit) |
397 | { | 398 | { |
@@ -400,7 +401,6 @@ namespace OpenSim.Server.Handlers.Web | |||
400 | } | 401 | } |
401 | else if (("create" == doit) || ("confirm" == doit)) | 402 | else if (("create" == doit) || ("confirm" == doit)) |
402 | { | 403 | { |
403 | validateName(true, fields, ref errors); | ||
404 | validateEmail(fields, ref errors); | 404 | validateEmail(fields, ref errors); |
405 | if ("confirm" == doit) | 405 | if ("confirm" == doit) |
406 | validatePassword(fields, ref errors); | 406 | validatePassword(fields, ref errors); |
@@ -412,9 +412,7 @@ namespace OpenSim.Server.Handlers.Web | |||
412 | // UserAccounts FirstName and LastName fields are both varchar(64) utf8_general_ci. | 412 | // UserAccounts FirstName and LastName fields are both varchar(64) utf8_general_ci. |
413 | // The MySQL docs say that the "_ci" bit means comparisons will be case insensitive. So that should work fine. | 413 | // The MySQL docs say that the "_ci" bit means comparisons will be case insensitive. So that should work fine. |
414 | // No need for prepared SQL here, the names have already been checked. | 414 | // No need for prepared SQL here, the names have already been checked. |
415 | string[] names = fields["name"].ToString().Split(' '); | 415 | if (0 != m_database.Count("UserAccounts", "FirstName = '" + names[0] + "' AND LastName = '" + names[1] + "'")) |
416 | long c = m_database.Count("UserAccounts", "FirstName = '" + names[0] + "' AND LastName = '" + names[1] + "'"); | ||
417 | if (0 != c) | ||
418 | errors.Add("Pick a different name."); | 416 | errors.Add("Pick a different name."); |
419 | else if (("create" == doit)) | 417 | else if (("create" == doit)) |
420 | reply["str_response_string"] = accountCreationPage(fields, body); | 418 | reply["str_response_string"] = accountCreationPage(fields, body); |
@@ -553,10 +551,10 @@ namespace OpenSim.Server.Handlers.Web | |||
553 | errors.Add("Can't find that email server, try a different email address."); | 551 | errors.Add("Can't find that email server, try a different email address."); |
554 | } | 552 | } |
555 | 553 | ||
556 | private void validateName(bool godCheck, Hashtable fields, ref List<string> errors) | 554 | private string[] validateName(bool godCheck, Hashtable fields, ref List<string> errors) |
557 | { | 555 | { |
558 | Regex rgxName = new Regex("^[a-zA-Z0-9]+$"); | 556 | Regex rgxName = new Regex("^[a-zA-Z0-9]+$"); |
559 | string[] names; | 557 | string[] names = {"", ""}; |
560 | if ((null == fields["name"]) || ("" == fields["name"].ToString())) | 558 | if ((null == fields["name"]) || ("" == fields["name"].ToString())) |
561 | errors.Add("Please supply an account name."); | 559 | errors.Add("Please supply an account name."); |
562 | else | 560 | else |
@@ -612,6 +610,7 @@ namespace OpenSim.Server.Handlers.Web | |||
612 | } | 610 | } |
613 | } | 611 | } |
614 | } | 612 | } |
613 | return names; | ||
615 | } | 614 | } |
616 | 615 | ||
617 | private void validatePassword(Hashtable fields, ref List<string> errors) | 616 | private void validatePassword(Hashtable fields, ref List<string> errors) |