From a795d7d884db9f307cb55a5af3ef610d18affc34 Mon Sep 17 00:00:00 2001
From: Matt Lowe <matthewneillowe@gmail.com>
Date: Sat, 20 Jun 2015 23:12:27 +0200
Subject: [PATCH 1/3] Moved username formatting to INI file

Rather than having the username limitations hard coded, I have moved it
into the ini file. I have added some examples to the code and also to
the ini.

This is only and example and can be expanded on by others.
---
 servatrice/servatrice.ini.example             | 23 +++++++++++++++++++
 .../src/servatrice_database_interface.cpp     | 22 +++++++++++++++++-
 2 files changed, 44 insertions(+), 1 deletion(-)

diff --git a/servatrice/servatrice.ini.example b/servatrice/servatrice.ini.example
index 31483afe..d04111eb 100644
--- a/servatrice/servatrice.ini.example
+++ b/servatrice/servatrice.ini.example
@@ -54,6 +54,29 @@ password=123456
 ; Accept only registered users? default is 0 (accept unregistered users)
 regonly=0
 
+[users]
+
+; The minimum length a username can be
+minnamelength=6
+
+; The maximum length a username can be
+maxnamelength=12
+
+; If a username should be allowed to contain lowercase chars [a-z]
+allowlowercase=true
+
+; If a username should be allowed to conatain uppercase chars [A-Z]
+allowuppercase=true
+
+; If a username should be allowed to contain numbers [0-9]
+allownumerics=true
+
+; Define punctuation allowed in usernames
+allowedpunctuation=_.-
+
+; If a username can begin with punctuation defined in allowedpunctuation
+allowpunctuationprefix=false
+
 [registration]
 
 ; Servatrice can process registration requests to add new users on the fly.
diff --git a/servatrice/src/servatrice_database_interface.cpp b/servatrice/src/servatrice_database_interface.cpp
index bfbbcd00..a72f7896 100644
--- a/servatrice/src/servatrice_database_interface.cpp
+++ b/servatrice/src/servatrice_database_interface.cpp
@@ -120,7 +120,27 @@ bool Servatrice_DatabaseInterface::execSqlQuery(QSqlQuery *query)
 
 bool Servatrice_DatabaseInterface::usernameIsValid(const QString &user)
 {
-    static QRegExp re = QRegExp("[a-zA-Z0-9_\\.-]+");
+    int maxNameLength = settingsCache->value("users/maxnamelength").toInt();
+    int minNameLength = settingsCache->value("users/minnamelength").toInt();
+    if (user.length() < minNameLength || user.length() > maxNameLength)
+        return false;
+
+    bool allowPunctuationPrefix = settingsCache->value("users/allowpunctuationprefix").toBool();
+    QString allowedPunctuation = settingsCache->value("users/allowedpunctuation").toString();
+    if (!allowPunctuationPrefix && allowedPunctuation.contains(user.at(0)))
+        return false;
+
+    QString regEx("[");
+    if (settingsCache->value("users/allowlowercase").toBool())
+        regEx.append("a-z");
+    if (settingsCache->value("users/allowuppercase").toBool())
+        regEx.append("A-Z");
+    if(settingsCache->value("users/allownumerics").toBool())
+        regEx.append("0-9");
+    regEx.append(allowedPunctuation);
+    regEx.append("]+");
+
+    static QRegExp re = QRegExp(regEx);
     return re.exactMatch(user);
 }
 

From d76073cdd1d63965f040078b8f20d674ce642f69 Mon Sep 17 00:00:00 2001
From: Matt Lowe <matthewneillowe@gmail.com>
Date: Mon, 22 Jun 2015 22:02:36 +0200
Subject: [PATCH 2/3] Added default values

---
 servatrice/src/servatrice_database_interface.cpp | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/servatrice/src/servatrice_database_interface.cpp b/servatrice/src/servatrice_database_interface.cpp
index a72f7896..77a0029b 100644
--- a/servatrice/src/servatrice_database_interface.cpp
+++ b/servatrice/src/servatrice_database_interface.cpp
@@ -120,22 +120,22 @@ bool Servatrice_DatabaseInterface::execSqlQuery(QSqlQuery *query)
 
 bool Servatrice_DatabaseInterface::usernameIsValid(const QString &user)
 {
-    int maxNameLength = settingsCache->value("users/maxnamelength").toInt();
-    int minNameLength = settingsCache->value("users/minnamelength").toInt();
+    int maxNameLength = settingsCache->value("users/maxnamelength", 12).toInt();
+    int minNameLength = settingsCache->value("users/minnamelength", 6).toInt();
     if (user.length() < minNameLength || user.length() > maxNameLength)
         return false;
 
-    bool allowPunctuationPrefix = settingsCache->value("users/allowpunctuationprefix").toBool();
-    QString allowedPunctuation = settingsCache->value("users/allowedpunctuation").toString();
+    bool allowPunctuationPrefix = settingsCache->value("users/allowpunctuationprefix", false).toBool();
+    QString allowedPunctuation = settingsCache->value("users/allowedpunctuation", "_").toString();
     if (!allowPunctuationPrefix && allowedPunctuation.contains(user.at(0)))
         return false;
 
     QString regEx("[");
-    if (settingsCache->value("users/allowlowercase").toBool())
+    if (settingsCache->value("users/allowlowercase", true).toBool())
         regEx.append("a-z");
-    if (settingsCache->value("users/allowuppercase").toBool())
+    if (settingsCache->value("users/allowuppercase", true).toBool())
         regEx.append("A-Z");
-    if(settingsCache->value("users/allownumerics").toBool())
+    if(settingsCache->value("users/allownumerics", true).toBool())
         regEx.append("0-9");
     regEx.append(allowedPunctuation);
     regEx.append("]+");

From 23b163341e639858210a43a200bbedf39984a488 Mon Sep 17 00:00:00 2001
From: Matt Lowe <matthewneillowe@gmail.com>
Date: Wed, 24 Jun 2015 13:08:38 +0200
Subject: [PATCH 3/3] Escaped additional punctuation

---
 servatrice/src/servatrice_database_interface.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/servatrice/src/servatrice_database_interface.cpp b/servatrice/src/servatrice_database_interface.cpp
index 77a0029b..3a81c9ba 100644
--- a/servatrice/src/servatrice_database_interface.cpp
+++ b/servatrice/src/servatrice_database_interface.cpp
@@ -137,7 +137,7 @@ bool Servatrice_DatabaseInterface::usernameIsValid(const QString &user)
         regEx.append("A-Z");
     if(settingsCache->value("users/allownumerics", true).toBool())
         regEx.append("0-9");
-    regEx.append(allowedPunctuation);
+    regEx.append(QRegExp::escape(allowedPunctuation));
     regEx.append("]+");
 
     static QRegExp re = QRegExp(regEx);