From a52193593491de7e649e68d3ef4597f36a65244a Mon Sep 17 00:00:00 2001
From: Sarjuuk <junkdump@gmx.net>
Date: Tue, 29 Mar 2016 21:16:16 +0200
Subject: [PATCH] User/Auth  * use char limit appropriate to current auth
 method, when checking usernames

---
 includes/user.class.php | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/includes/user.class.php b/includes/user.class.php
index ae7f9921..1156fab0 100644
--- a/includes/user.class.php
+++ b/includes/user.class.php
@@ -367,7 +367,21 @@ class User
     {
         $errCode = 0;
 
-        if (mb_strlen($name) < 4 || mb_strlen($name) > 16)
+        // different auth modes require different usernames
+        $min = 0;                                           // external case
+        $max = 0;
+        if (CFG_ACC_AUTH_MODE == AUTH_MODE_SELF)
+        {
+            $min = 4;
+            $max = 16;
+        }
+        else if (CFG_ACC_AUTH_MODE == AUTH_MODE_REALM)
+        {
+            $min = 3;
+            $max = 32;
+        }
+
+        if (($min && mb_strlen($name) < $min) || ($max && mb_strlen($name) > $max))
             $errCode = 1;
         else if (preg_match('/[^\w\d\-]/i', $name))
             $errCode = 2;