From 94d455da18258787132860d8ee203a3523a7d9b3 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Thu, 17 Feb 2011 14:45:39 -0500
Subject: Enforce FreeBSD's max username length of 16 chars.
 http://forum.pfsense.org/index.php/topic,33410.0.html

---
 usr/local/www/system_usermanager.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'usr/local/www/system_usermanager.php')

diff --git a/usr/local/www/system_usermanager.php b/usr/local/www/system_usermanager.php
index 9256c40..6b1a81b 100644
--- a/usr/local/www/system_usermanager.php
+++ b/usr/local/www/system_usermanager.php
@@ -205,6 +205,9 @@ if (isAllowedPage("system_usermanager")) {
 		if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld']))
 			$input_errors[] = gettext("The username contains invalid characters.");
 
+		if (strlen($_POST['usernamefld']) > 16)
+			$input_errors[] = gettext("The username is longer than 16 characters.");
+
 		if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2']))
 			$input_errors[] = gettext("The passwords do not match.");
 
@@ -478,7 +481,7 @@ function sshkeyClicked(obj) {
 						<tr>
 							<td width="22%" valign="top" class="vncellreq"><?=gettext("Username");?></td>
 							<td width="78%" class="vtable">
-								<input name="usernamefld" type="text" class="formfld user" id="usernamefld" size="20" value="<?=htmlspecialchars($pconfig['usernamefld']);?>" <?=$ro;?>/>
+								<input name="usernamefld" type="text" class="formfld user" id="usernamefld" size="20" maxlength="16" value="<?=htmlspecialchars($pconfig['usernamefld']);?>" <?=$ro;?>/>
 								<input name="oldusername" type="hidden" id="oldusername" value="<?=htmlspecialchars($pconfig['usernamefld']);?>" />
 							</td>
 						</tr>
-- 
cgit v1.1