[Web] Disable API as username

2019-10-10 07:13:50 +02:00 · 2019-10-10 07:13:50 +02:00 · d03e90d3c0
parent 3124226607
commit d03e90d3c0
2 changed files with 2 additions and 2 deletions
--- a/data/web/inc/functions.admin.inc.php
+++ b/data/web/inc/functions.admin.inc.php
@ -19,7 +19,7 @@ function admin($_action, $_data = null) {
      $password		= $_data['password'];
      $password2  = $_data['password2'];
      $active     = intval($_data['active']);
-      if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $username)) || empty ($username)) {
+      if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $username)) || empty ($username) || $username == 'API') {
        $_SESSION['return'][] = array(
          'type' => 'danger',
          'log' => array(__FUNCTION__, $_action, $_data_log),
--- a/data/web/inc/functions.domain_admin.inc.php
+++ b/data/web/inc/functions.domain_admin.inc.php
@ -31,7 +31,7 @@ function domain_admin($_action, $_data = null) {
        );
        return false;
      }
-      if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $username)) || empty ($username)) {
+      if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $username)) || empty ($username) || $username == 'API') {
        $_SESSION['return'][] = array(
          'type' => 'danger',
          'log' => array(__FUNCTION__, $_action, $_data_log),