aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--apps/provisioning_api/lib/Controller/UsersController.php4
-rw-r--r--lib/private/User/Database.php4
2 files changed, 7 insertions, 1 deletions
diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php
index a26479ba0a8..839ac404c94 100644
--- a/apps/provisioning_api/lib/Controller/UsersController.php
+++ b/apps/provisioning_api/lib/Controller/UsersController.php
@@ -837,7 +837,9 @@ class UsersController extends AUserData {
switch ($key) {
case self::USER_FIELD_DISPLAYNAME:
case IAccountManager::PROPERTY_DISPLAYNAME:
- $targetUser->setDisplayName($value);
+ if (!$targetUser->setDisplayName($value)) {
+ throw new OCSException('Invalid displayname', 102);
+ }
break;
case self::USER_FIELD_QUOTA:
$quota = $value;
diff --git a/lib/private/User/Database.php b/lib/private/User/Database.php
index 4821a2fc632..fce7551c242 100644
--- a/lib/private/User/Database.php
+++ b/lib/private/User/Database.php
@@ -215,6 +215,10 @@ class Database extends ABackend implements
* Change the display name of a user
*/
public function setDisplayName(string $uid, string $displayName): bool {
+ if (mb_strlen($displayName) > 64) {
+ return false;
+ }
+
$this->fixDI();
if ($this->userExists($uid)) {
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-22 01:02:46 +0000