[Web] fix malformed_username check

2025-07-17 01:42:24 +02:00 · 2023-08-07 09:20:06 +02:00
parent 3d486678ae
commit 9beb47c067
1 changed files with 17 additions and 13 deletions
--- a/data/web/inc/functions.auth.inc.php
+++ b/data/web/inc/functions.auth.inc.php
@ -47,12 +47,14 @@ function check_login($user, $pass, $app_passwd_data = false, $extra = null) {
 function admin_login($user, $pass){
  global $pdo;
-  if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $user))) {
+  if (!filter_var($user, FILTER_VALIDATE_EMAIL) && !ctype_alnum(str_replace(array('_', '.', '-'), '', $user))) {
    if (!$is_internal){
      $_SESSION['return'][] =  array(
        'type' => 'danger',
        'log' => array(__FUNCTION__, $user, '*'),
        'msg' => 'malformed_username'
      );
    }
    return false;
  }
@ -99,12 +101,14 @@ function admin_login($user, $pass){
 function domainadmin_login($user, $pass){
  global $pdo;
-  if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $user))) {
+  if (!filter_var($user, FILTER_VALIDATE_EMAIL) && !ctype_alnum(str_replace(array('_', '.', '-'), '', $user))) {
    if (!$is_internal){
      $_SESSION['return'][] =  array(
        'type' => 'danger',
        'log' => array(__FUNCTION__, $user, '*'),
        'msg' => 'malformed_username'
      );
    }
    return false;
  }