prevent users from registering with name that is not a valid wikifile

avoids XSS attacks and is generally a good limitation
author: joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> 2006-04-25 05:53:22 +0000
committer: joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> 2006-04-25 05:53:22 +0000
commit: bfa96ad2827ebae0d0288d201c1a730a8d7784e1 (patch)
tree: ccd078c5fe6fe186d79c9c7d47da38e953c71abd /IkiWiki
parent: 2f241a35ceab49c5a9e666420a770ceb84b83412 (diff)
download: ikiwiki-bfa96ad2827ebae0d0288d201c1a730a8d7784e1.tar
ikiwiki-bfa96ad2827ebae0d0288d201c1a730a8d7784e1.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm
index 36d0e6008..067886c70 100644
--- a/IkiWiki/CGI.pm
+++ b/IkiWiki/CGI.pm
@@ -118,6 +118,7 @@ sub cgi_signin ($$) { #{{{
 				validate => sub {
 					my $name=shift;
 					length $name &&
+					$name=~/$wiki_file_regexp/ &&
 					! userinfo_get($name, "regdate");
 				},
 			);
author	joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071>	2006-04-25 05:53:22 +0000
committer	joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071>	2006-04-25 05:53:22 +0000
commit	bfa96ad2827ebae0d0288d201c1a730a8d7784e1 (patch)
tree	ccd078c5fe6fe186d79c9c7d47da38e953c71abd /IkiWiki
parent	2f241a35ceab49c5a9e666420a770ceb84b83412 (diff)
download	ikiwiki-bfa96ad2827ebae0d0288d201c1a730a8d7784e1.tar ikiwiki-bfa96ad2827ebae0d0288d201c1a730a8d7784e1.tar.gz