![[site community profile]](https://www.dreamwidth.org/img/comm_staff.png){kind=small}
[dw-free] Canonicalize the input username.
[commit: http://hg.dwscoalition.org/dw-free/rev/4ac600d84f6f]
Canonicalize the input username.
Patch by![[staff profile]](https://www.dreamwidth.org/img/silk/identity/user_staff.png)
mark.
Files modified:
Canonicalize the input username.
Patch by
mark.Files modified:
- cgi-bin/LJ/Widget/ImportChooseSource.pm
--------------------------------------------------------------------------------
diff -r bd7785519454 -r 4ac600d84f6f cgi-bin/LJ/Widget/ImportChooseSource.pm
--- a/cgi-bin/LJ/Widget/ImportChooseSource.pm Sun May 10 02:31:23 2009 +0000
+++ b/cgi-bin/LJ/Widget/ImportChooseSource.pm Sun May 10 02:58:55 2009 +0000
@@ -98,7 +98,10 @@ sub handle_post {
return ( ret => $class->ml( 'widget.importchoosesource.error.nohostname' ) )
unless $hn;
- my $un = $post->{username};
+ # be sure to sanitize the username
+ my $un = lc $post->{username};
+ $un =~ s/-/_/g;
+
my $pw = $post->{password};
return ( ret => $class->ml( 'widget.importchoosesource.error.nocredentials' ) )
unless $un && $pw;
--------------------------------------------------------------------------------