From 8034b5316a777596b817e02133f90dc4d9565387 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Tue, 4 Jan 2022 12:05:06 +0100 Subject: [PATCH 1/3] NEW Add possibility with constant MAIN_LOGIN_BADCHARUNAUTHORIZED to define bad character unauthorized into login name --- htdocs/user/class/user.class.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 780744b4c8e..4da393f6564 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -1393,6 +1393,8 @@ class User extends CommonObject dol_syslog(get_class($this)."::create login=".$this->login.", user=".(is_object($user) ? $user->id : ''), LOG_DEBUG); + $badCharUnauthorizedIntoLoginName = getDolGlobalString('MAIN_LOGIN_BADCHARUNAUTHORIZED', '/[,@<>"\']/'); + // Check parameters if (!empty($conf->global->USER_MAIL_REQUIRED) && !isValidEMail($this->email)) { $langs->load("errors"); @@ -1403,7 +1405,7 @@ class User extends CommonObject $langs->load("errors"); $this->error = $langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Login")); return -1; - } elseif (preg_match('/[,@<>"\']/', $this->login)) { + } elseif (preg_match($badCharUnauthorizedIntoLoginName, $this->login)) { $langs->load("errors"); $this->error = $langs->trans("ErrorBadCharIntoLoginName"); return -1; @@ -1787,6 +1789,8 @@ class User extends CommonObject $this->fk_warehouse = (int) $this->fk_warehouse; // Check parameters + $badCharUnauthorizedIntoLoginName = getDolGlobalString('MAIN_LOGIN_BADCHARUNAUTHORIZED', '/[,@<>"\']/'); + if (!empty($conf->global->USER_MAIL_REQUIRED) && !isValidEMail($this->email)) { $langs->load("errors"); $this->error = $langs->trans("ErrorBadEMail", $this->email); 
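Review bot: preg_match() returns false when its pattern cannot be compiled, and the `elseif` at `@@ -1403,7 +1405,7 @@` treats that the same as "no forbidden character", so a mistyped MAIN_LOGIN_BADCHARUNAUTHORIZED silently switches the login check off instead of rejecting the login. Here the whole pattern comes from configuration, so a value entered without delimiters is enough to hit this. A strict comparison fails closed: `} elseif (preg_match($badCharUnauthorizedIntoLoginName, $this->login) !== 0) {`. The same line is added at `@@ -1796,7 +1800,7 @@`, and the truthiness test is kept by the preg_quote() form in PATCH 2/3 and 3/3. The enclosing method starts and ends outside the hunk.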
@@ -1796,7 +1800,7 @@ class User extends CommonObject $langs->load("errors"); $this->error = $langs->trans("ErrorFieldRequired", 'Login'); return -1; - } elseif (preg_match('/[,@<>"\']/', $this->login)) { + } elseif (preg_match($badCharUnauthorizedIntoLoginName, $this->login)) { $langs->load("errors"); $this->error = $langs->trans("ErrorBadCharIntoLoginName"); return -1; From 6677eccf45e01f334f84fc51449d4e96fb97ce05 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 25 Jan 2022 16:01:50 +0100 Subject: [PATCH 2/3] Update user.class.php --- htdocs/user/class/user.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 6d4530d6077..a9dcbfe3b87 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -1393,7 +1393,7 @@ class User extends CommonObject dol_syslog(get_class($this)."::create login=".$this->login.", user=".(is_object($user) ? $user->id : ''), LOG_DEBUG); - $badCharUnauthorizedIntoLoginName = getDolGlobalString('MAIN_LOGIN_BADCHARUNAUTHORIZED', '/[,@<>"\']/'); + $badCharUnauthorizedIntoLoginName = getDolGlobalString('MAIN_LOGIN_BADCHARUNAUTHORIZED', ',@<>"\''); // Check parameters if (!empty($conf->global->USER_MAIL_REQUIRED) && !isValidEMail($this->email)) { @@ -1405,7 +1405,7 @@ class User extends CommonObject $langs->load("errors"); $this->error = $langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Login")); return -1; - } elseif (preg_match($badCharUnauthorizedIntoLoginName, $this->login)) { + } elseif (preg_match('/['.preg_quote($badCharUnauthorizedIntoLoginName, '/').']/', $this->login)) { $langs->load("errors"); $this->error = $langs->trans("ErrorBadCharIntoLoginName"); return -1; From 05ff99f2e61bd44af1646020a6a85299304d97f7 Mon Sep 17 00:00:00 2001 
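Review bot: Nothing at `@@ -1393,7 +1393,7 @@` says that MAIN_LOGIN_BADCHARUNAUTHORIZED is now a plain list of characters rather than the full regex PATCH 1/3 expected, and a value written in the old form would be quoted literally, making `/`, `[` and `]` forbidden characters too. A comment above the lookup would settle it: `// MAIN_LOGIN_BADCHARUNAUTHORIZED: plain list of characters refused in a login (not a regex)`. The default literal `',@<>"\''` is repeated in the second method by PATCH 3/3 (`@@ -1789,7 +1789,7 @@`); a shared class constant would keep the two copies from drifting.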
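Review bot: The character class at `@@ -1405,7 +1405,7 @@` is compiled without the `u` modifier, so a non-ASCII character in the configured list is split into its UTF-8 bytes and, as far as I can tell, logins containing unrelated characters that share one of those bytes would be refused. Adding `u` fixes that, but then a login that is not valid UTF-8 makes preg_match() return false, so the result should be compared strictly: `} elseif (preg_match('/['.preg_quote($badCharUnauthorizedIntoLoginName, '/').']/u', $this->login) !== 0) {`. PATCH 3/3 adds the same line at `@@ -1800,7 +1800,7 @@`.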
From: Laurent Destailleur Date: Tue, 25 Jan 2022 16:03:30 +0100 Subject: [PATCH 3/3] Update user.class.php --- htdocs/user/class/user.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index a9dcbfe3b87..cd38b9f2d66 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -1789,7 +1789,7 @@ class User extends CommonObject $this->fk_warehouse = (int) $this->fk_warehouse; // Check parameters - $badCharUnauthorizedIntoLoginName = getDolGlobalString('MAIN_LOGIN_BADCHARUNAUTHORIZED', '/[,@<>"\']/'); + $badCharUnauthorizedIntoLoginName = getDolGlobalString('MAIN_LOGIN_BADCHARUNAUTHORIZED', ',@<>"\''); if (!empty($conf->global->USER_MAIL_REQUIRED) && !isValidEMail($this->email)) { $langs->load("errors"); @@ -1800,7 +1800,7 @@ class User extends CommonObject $langs->load("errors"); $this->error = $langs->trans("ErrorFieldRequired", 'Login'); return -1; - } elseif (preg_match($badCharUnauthorizedIntoLoginName, $this->login)) { + } elseif (preg_match('/['.preg_quote($badCharUnauthorizedIntoLoginName, '/').']/', $this->login)) { $langs->load("errors"); $this->error = $langs->trans("ErrorBadCharIntoLoginName"); return -1;