Skip to content
Snippets Groups Projects
Commit 0d7fdb06 authored by Rob Swindell's avatar Rob Swindell :speech_balloon:
Browse files

Don't allow QWKnet accounts with login IDs that match the account password

Don't give QWKnet accounts the 'M' (email messages per day) exemption by
default as this has been abused by email spammers.

These are security/anti-spam improvements.
parent a6aae003
No related branches found
No related tags found
1 merge request!463MRC mods by Codefenix (2024-10-20)
// newuser.js
// New user login module
// $Id: newuser.js,v 1.30 2019/04/28 23:25:44 rswindell Exp $
// @format.tab-size 8, @format.use-tabs true
load("sbbsdefs.js");
const QWK_ID_PATTERN = /^[A-Z]\w{1,7}$/;
......@@ -63,6 +57,9 @@ function chk_qwk_id(str)
if(system.trashcan(str))
return(false);
if(str.toLowerCase() == user.security.password.toLowerCase())
return(false);
return(true);
}
......@@ -76,7 +73,8 @@ if(qnet) {
printf("This is an invalid QWK ID. Your QWK ID MUST be ");
printf("between 2 and 8 characters in\r\n");
printf("length, must begin with a letter and contain only valid ");
printf("DOS filename characters.\r\n\r\n");
printf("DOS filename characters.\r\n");
printf("Your QWK ID cannot be the same as your password.\r\n\r\n");
printf("\1y\1hYour correct QWK ID (as configured in your ");
printf("BBS software) is: ");
alias=console.getstr(8,K_UPPER|K_LINE|K_NOEXASC);
......@@ -88,7 +86,6 @@ if(qnet) {
user.security.exemptions|=UFLAG_L;
user.security.exemptions|=UFLAG_T;
user.security.exemptions|=UFLAG_D;
user.security.exemptions|=UFLAG_M;
}
if(options.ask_sysop
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment