From 8d2b76334cd60356c85810bf4902124105d54ad4 Mon Sep 17 00:00:00 2001
From: Clément <clement@selfhost.fr>
Date: Thu, 16 Feb 2017 14:27:45 +0100
Subject: Possibility to register user having a '-', a '_' or a '.' in username

---
 app/Models/Auth.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'app/Models/Auth.php')

diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index b3255cfbd..e63a24b27 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -182,7 +182,8 @@ class FreshRSS_Auth {
 
 class FreshRSS_FormAuth {
 	public static function checkCredentials($username, $hash, $nonce, $challenge) {
-		if (!ctype_alnum($username) ||
+		$aValid = array('-', '_', '.');
+		if (!ctype_alnum(str_replace($aValid, '', $username)) ||
 				!ctype_graph($challenge) ||
 				!ctype_alnum($nonce)) {
 			Minz_Log::debug('Invalid credential parameters:' .
@@ -211,7 +212,7 @@ class FreshRSS_FormAuth {
 			// Token has expired (> 1 month) or does not exist.
 			// TODO: 1 month -> use a configuration instead
 			@unlink($token_file);
-			return array(); 	
+			return array();
 		}
 
 		$credentials = @file_get_contents($token_file);
-- 
cgit v1.2.3