MDL-8096 - added proper trimming of usernames; site:config capability is now neede...

diff --git a/user/editadvanced.php b/user/editadvanced.php
index e1982df24c0289fd3968040104f2f259f1f154fa..bebcc019ce5e88ed651cfef7ba376cce5363c578 100644 (file)
--- a/user/editadvanced.php
+++ b/user/editadvanced.php
@@ -69,6 +69,7 @@
             $authplugin = get_auth_plugin($usernew->auth);
         }
 
+        $usernew->username     = trim($usernew->username);
         $usernew->timemodified = time();
 
         if ($usernew->id == -1) {

diff --git a/user/editadvanced_form.php b/user/editadvanced_form.php
index 896dc22a6bd0e2f0c4b68cc159a2fd4d44336377..88a9879418e63459bfe44f874dc6cf44c2de5db6 100644 (file)
--- a/user/editadvanced_form.php
+++ b/user/editadvanced_form.php
@@ -93,10 +93,15 @@ class user_editadvanced_form extends moodleform {
         global $CFG;
 
         $usernew = (object)$usernew;
-        $user    = get_record('user', 'id', $usernew->id);
-        $err     = array();
+        $usernew->username = trim($usernew->username);
 
-        if (!$user or $user->username !== $usernew->username) {
+        $user = get_record('user', 'id', $usernew->id);
+        $err = array();
+
+        if (empty($usernew->username)) {
+            //might be only whitespace
+            $err['username'] = get_string('required');
+        } else if (!$user or $user->username !== $usernew->username) {
             //check new username does not exist
             if (record_exists('user', 'username', $usernew->username, 'mnethostid', $CFG->mnet_localhost_id)) {
                 $err['username'] = get_string('usernameexists');