From 508aca0b1ca4bf229bbfeefb0ef1104615e3a5a8 Mon Sep 17 00:00:00 2001
From: Guangcong Luo <zarelsl@gmail.com>
Date: Mon, 9 Apr 2012 17:32:26 -0400
Subject: [PATCH] Name sanitization for the new protocol

---
 users.js | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/users.js b/users.js
index 6d13ef1f6e..99f8f1dd8f 100644
--- a/users.js
+++ b/users.js
@@ -8,6 +8,18 @@ function getTime()
 {
 	return new Date().getTime();
 }
+function sanitizeName(name)
+{
+	name = name.trim();
+	if (name.length > 18) name = name.substr(0,18);
+	var noStartChars = {'&':1,'@':1,'%':1,'+':1,'!':1};
+	while (noStartChars[name.substr(0,1)])
+	{
+		name = name.substr(1);
+	}
+	name = name.replace(/[\|\[\]\,]/g, '');
+	return name;
+}
 
 function getUser(name)
 {
@@ -277,6 +289,7 @@ function User(name, person, token)
 		{
 			name = name.substr(1);
 		}
+		name = name.replace(/[\|\[\]\,]/g, '');
 		var userid = toUserid(name);
 		if (selfP.authenticated) auth = false;