From 271a1fdc8900a8b2c32675c22dce1cc458209de4 Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Sat, 25 Feb 2017 12:39:08 +0100
Subject: Missing checkUsername and const patten

https://github.com/FreshRSS/FreshRSS/pull/1423

https://github.com/YunoHost-Apps/freshrss_ynh/issues/27#issuecomment-279792363
---
 p/api/greader.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'p/api/greader.php')

diff --git a/p/api/greader.php b/p/api/greader.php
index 4965ffd3b..01eca6d4f 100644
--- a/p/api/greader.php
+++ b/p/api/greader.php
@@ -152,7 +152,7 @@ function authorizationToUser() {
 		$headerAuthX = explode('/', $headerAuth, 2);
 		if (count($headerAuthX) === 2) {
 			$user = $headerAuthX[0];
-			if (ctype_alnum($user)) {
+			if (FreshRSS_user_Controller::checkUsername($user)) {
 				FreshRSS_Context::$user_conf = get_user_configuration($user);
 				if (FreshRSS_Context::$user_conf == null) {
 					Minz_Log::warning('Invalid API user ' . $user . ': configuration cannot be found.');
-- 
cgit v1.2.3