From 4eeae5171b885b6dda392f5dd68d6dd78a0c7858 Mon Sep 17 00:00:00 2001
From: Clément <clement@selfhost.fr>
Date: Thu, 16 Feb 2017 18:54:59 +0100
Subject: use function with preg_match to check username

---
 app/Models/Auth.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'app/Models/Auth.php')

diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index e63a24b27..476627e10 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -182,8 +182,7 @@ class FreshRSS_Auth {
 
 class FreshRSS_FormAuth {
 	public static function checkCredentials($username, $hash, $nonce, $challenge) {
-		$aValid = array('-', '_', '.');
-		if (!ctype_alnum(str_replace($aValid, '', $username)) ||
+		if (!FreshRSS_user_Controller::checkUsername($username) ||
 				!ctype_graph($challenge) ||
 				!ctype_alnum($nonce)) {
 			Minz_Log::debug('Invalid credential parameters:' .
-- 
cgit v1.2.3