Skip to content

S
solo
Commit ba1be129 authored by Liang Ding's avatar Liang Ding
Browse files
Options

为了安全,不能使用包含 admin 的用户名进行初始化

parent 05e19bdb
Hide whitespace changes
Inline Side-by-side
Showing with 8 additions and 5 deletions
src/main/java/org/b3log/solo/processor/InitProcessor.java
View file @ ba1be129
...@@ -52,7 +52,7 @@ import org.json.JSONObject; ...@@ -52,7 +52,7 @@ import org.json.JSONObject;
* Solo initialization service. * Solo initialization service.
* *
* @author <a href="http://88250.b3log.org">Liang Ding</a> * @author <a href="http://88250.b3log.org">Liang Ding</a>
* @version 1.2.0.8, Oct 17, 2015 * @version 1.2.0.9, Apr 15, 2016
* @since 0.4.0 * @since 0.4.0
*/ */
@RequestProcessor @RequestProcessor
...@@ -174,7 +174,7 @@ public class InitProcessor { ...@@ -174,7 +174,7 @@ public class InitProcessor {
} }
if (invalidUserName(userName)) { if (invalidUserName(userName)) {
ret.put(Keys.MSG, "Init failed, please check your input [username: length [1, 20], content {a-z, A-Z, 0-9}]"); ret.put(Keys.MSG, "Init failed, please check your username (length [1, 20], content {a-z, A-Z, 0-9}, do not contain 'admin' for security reason]");
return; return;
} }
...@@ -211,6 +211,7 @@ public class InitProcessor { ...@@ -211,6 +211,7 @@ public class InitProcessor {
* <ul> * <ul>
* <li>length [1, 20]</li> * <li>length [1, 20]</li>
* <li>content {a-z, A-Z, 0-9}</li> * <li>content {a-z, A-Z, 0-9}</li>
* <li>Not contains "admin"/"Admin"</li>
* </ul> * </ul>
* </p> * </p>
* *
...@@ -234,6 +235,6 @@ public class InitProcessor { ...@@ -234,6 +235,6 @@ public class InitProcessor {
return true; return true;
} }
return false; return name.contains("admin") || name.contains("Admin");
} }
} }
src/main/java/org/b3log/solo/processor/LoginProcessor.java
View file @ ba1be129
...@@ -65,7 +65,7 @@ import java.util.Map; ...@@ -65,7 +65,7 @@ import java.util.Map;
* <p>Initializes administrator</p>. * <p>Initializes administrator</p>.
* *
* @author <a href="http://88250.b3log.org">Liang Ding</a> * @author <a href="http://88250.b3log.org">Liang Ding</a>
* @author <a href="mailto:LLY219@gmail.com">Liyuan Li</a> * @author <a href="http://vanessa.b3log.org">Liyuan Li</a>
* @author <a href="mailto:dongxu.wang@acm.org">Dongxu Wang</a> * @author <a href="mailto:dongxu.wang@acm.org">Dongxu Wang</a>
* @version 1.1.1.7, Nov 20, 2015 * @version 1.1.1.7, Nov 20, 2015
* @since 0.3.1 * @since 0.3.1
......
src/main/webapp/css/default-init.css
View file @ ba1be129
...@@ -17,7 +17,8 @@ ...@@ -17,7 +17,8 @@
* 403, 404, 500, article-pwd, init, login and kill-browser page style. * 403, 404, 500, article-pwd, init, login and kill-browser page style.
* *
* @author <a href="http://vanessa.b3log.org">Liyuan Li</a> * @author <a href="http://vanessa.b3log.org">Liyuan Li</a>
* @version 1.0.1.6, Sep 12, 2013 * @author <a href="http://88250.b3log.org">Liang Ding</a>
* @version 1.0.1.7, Apr 15, 2016
*/ */
html { html {
height: 100%; height: 100%;
...@@ -165,6 +166,7 @@ button:active { ...@@ -165,6 +166,7 @@ button:active {
border-style: solid solid none; border-style: solid solid none;
border-width: 1px; border-width: 1px;
margin: 0 auto; margin: 0 auto;
padding: 0 0 28px 0;
position: relative; position: relative;
width: 700px; width: 700px;
top: 60px; top: 60px;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment