From d03e90d3c006bde29d30e1a4b2b8e5d38939f669 Mon Sep 17 00:00:00 2001 From: andryyy Date: Thu, 10 Oct 2019 07:13:50 +0200 Subject: [PATCH] [Web] Disable API as username --- data/web/inc/functions.admin.inc.php | 2 +- data/web/inc/functions.domain_admin.inc.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/data/web/inc/functions.admin.inc.php b/data/web/inc/functions.admin.inc.php index f9aee508..660aed69 100644 --- a/data/web/inc/functions.admin.inc.php +++ b/data/web/inc/functions.admin.inc.php @@ -19,7 +19,7 @@ function admin($_action, $_data = null) { $password = $_data['password']; $password2 = $_data['password2']; $active = intval($_data['active']); - if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $username)) || empty ($username)) { + if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $username)) || empty ($username) || $username == 'API') { $_SESSION['return'][] = array( 'type' => 'danger', 'log' => array(__FUNCTION__, $_action, $_data_log), diff --git a/data/web/inc/functions.domain_admin.inc.php b/data/web/inc/functions.domain_admin.inc.php index 9c29b561..00cb35fc 100644 --- a/data/web/inc/functions.domain_admin.inc.php +++ b/data/web/inc/functions.domain_admin.inc.php @@ -31,7 +31,7 @@ function domain_admin($_action, $_data = null) { ); return false; } - if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $username)) || empty ($username)) { + if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $username)) || empty ($username) || $username == 'API') { $_SESSION['return'][] = array( 'type' => 'danger', 'log' => array(__FUNCTION__, $_action, $_data_log),