[svn r17144] Added trimming to firstname, lastname and username in user add procedures (see FS#2719) by cvargas

17 years ago · a818d3d9ba
parent 6115d121a1
commit a818d3d9ba
2 changed files with 7 additions and 5 deletions
--- a/main/auth/inscription.php
+++ b/main/auth/inscription.php
@ -1,5 +1,5 @@
 <?php
-// $Id: inscription.php 16708 2008-11-10 22:14:49Z yannoo $
+// $Id: inscription.php 17144 2008-12-08 23:49:52Z yannoo $
 /*
 ==============================================================================
 	Dokeos - elearning and course management software
@ -65,7 +65,9 @@ $fck_attribute['ToolbarSet'] = "Profil";
 $form = new FormValidator('registration');
 //	LAST NAME and FIRST NAME
 $form->addElement('text', 'lastname',  get_lang('LastName'),  array('size' => 40));
+$form->applyFilter('lastname','trim');
 $form->addElement('text', 'firstname', get_lang('FirstName'), array('size' => 40));
+$form->applyFilter('firstname','trim');
 $form->addRule('lastname',  get_lang('ThisFieldIsRequired'), 'required');
 $form->addRule('firstname', get_lang('ThisFieldIsRequired'), 'required');
 //	EMAIL
--- a/main/inc/lib/usermanager.lib.php
+++ b/main/inc/lib/usermanager.lib.php
@ -1,4 +1,4 @@
-<?php // $Id: usermanager.lib.php 17075 2008-12-04 22:49:14Z cfasanando $
+<?php // $Id: usermanager.lib.php 17144 2008-12-08 23:49:52Z yannoo $
 /*
 ==============================================================================
 	Dokeos - elearning and course management software
@ -97,9 +97,9 @@ class UserManager
 		//$password = "PLACEHOLDER";
 		$password = ($userPasswordCrypted ? md5($password) : $password);
 		$sql = "INSERT INTO $table_user
-					                SET lastname = '".Database::escape_string($lastName)."',
-					                firstname = '".Database::escape_string($firstName)."',
-					                username = '".Database::escape_string($loginName)."',
+					                SET lastname = '".Database::escape_string(trim($lastName))."',
+					                firstname = '".Database::escape_string(trim($firstName))."',
+					                username = '".Database::escape_string(trim($loginName))."',
 					                status = '".Database::escape_string($status)."',
 					                password = '".Database::escape_string($password)."',
 					                email = '".Database::escape_string($email)."',