Added username length limit according to db type

MySQL: Limit 14 characters PostgreSQL: Limit 61 characters Limits allow for at least 1 character to be used for database usernames & passwords
2025-08-22 22:34:05 -07:00 · 2014-06-10 00:27:26 -04:00 · 2014-06-10 00:27:26 -04:00 · 0b6f4b328b
commit 0b6f4b328b
parent 7e494680bc
2 changed files with 25 additions and 4 deletions
--- a/web/add/user/index.php
+++ b/web/add/user/index.php
@ -53,6 +53,20 @@ if ($_SESSION['user'] == 'admin') {
            $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
        }

+        // Check username length
+        if (empty($_SESSION['error_msg'])) {
+            $username_len = strlen($_POST['v_username']);
+            exec (VESTA_CMD."v-list-database-types", $output, $return_var);
+            check_error($return_var);
+            if (strpos($output, "mysql") !== false)
+                $username_maxlen = 16 - 2;
+            elseif (strpos($output, "postgresql") !== false)
+                $username_maxlen = 63 - 2;
+            else
+                $username_maxlen = true; // Allow any length by default
+            if ($username_len > $username_maxlen ) $_SESSION['error_msg'] = __('Username is too long.',$error_msg);
+        }
+
        // Check password length
        if (empty($_SESSION['error_msg'])) {
            $pw_len = strlen($_POST['v_password']);
--- a/web/templates/admin/add_user.html
+++ b/web/templates/admin/add_user.html
@ -5,7 +5,7 @@
                } else {
                    $back = "location.href='".$back."'";
                }
-            ?> 
+            ?>
            <table class="submenu">
                <tr>
                    <td style="padding: 20px 10px;" ><a class="name"><b><?php print __('Adding User');?></b></a>
@ -17,7 +17,7 @@
                                    echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
                                }
                            }
-                        ?> 
+                        ?>
                    </td>
                </tr>
            </table>
@ -59,7 +59,14 @@
                            </tr>
                            <tr>
                                <td>
-                                    <input type="text" size="20" class="vst-input" name="v_username" <?php if (!empty($v_username)) echo "value=".$v_username;  ?> >
+                                    <?php
+                                        exec (VESTA_CMD."v-list-database-types", $output);
+                                        if (strpos($output, "mysql") !== false)
+                                            $username_maxlength = 16 - 2;
+                                        elseif (strpos($output, "postgresql") !== false)
+                                            $username_maxlength = 63 - 2;
+                                    ?>
+                                    <input type="text" size="20" class="vst-input" name="v_username" maxlength="14" <?php if (!empty($username_maxlength)) echo "value=".$username_maxlength; if (!empty($v_username)) echo "value=".$v_username; ?> >
                                </td>
                            </tr>
                            <tr>
@ -102,7 +109,7 @@
                                                }
                                                echo ">".$key."</option>\n";
                                            }
-                                        ?> 
+                                        ?>
                                    </select>
                                </td>
                            </tr>