X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/029547855f76e5b3e628959cff01871865a07bc8..b2aba0f8e97c8723c3e24fba3b33a960dfe48db4:/app/models/user.rb

diff --git a/app/models/user.rb b/app/models/user.rb
index b52007602..81154fff7 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -28,6 +28,10 @@ class User < ActiveRecord::Base
   scope :active, -> { where(:status => ["active", "confirmed"]) }
   scope :public, -> { where(:data_public => true) }
 
+  has_attached_file :image,
+    :default_url => "/assets/:class/:attachment/:style.png",
+    :styles => { :large => "100x100>", :small => "50x50>" }
+
   validates_presence_of :email, :display_name
   validates_confirmation_of :email#, :message => ' addresses must match'
   validates_confirmation_of :pass_crypt#, :message => ' must match the confirmation password'
@@ -38,22 +42,19 @@ class User < ActiveRecord::Base
   validates_length_of :display_name, :within => 3..255, :allow_nil => true
   validates_email_format_of :email, :if => Proc.new { |u| u.email_changed? }
   validates_email_format_of :new_email, :allow_blank => true, :if => Proc.new { |u| u.new_email_changed? }
-  validates_format_of :display_name, :with => /\A[^\/;.,?%#]*\z/, :if => Proc.new { |u| u.display_name_changed? }
+  validates_format_of :display_name, :with => /\A[^\x00-\x1f\x7f\ufffe\uffff\/;.,?%#]*\z/, :if => Proc.new { |u| u.display_name_changed? }
   validates_format_of :display_name, :with => /\A\S/, :message => "has leading whitespace", :if => Proc.new { |u| u.display_name_changed? }
   validates_format_of :display_name, :with => /\S\z/, :message => "has trailing whitespace", :if => Proc.new { |u| u.display_name_changed? }
   validates_numericality_of :home_lat, :allow_nil => true
   validates_numericality_of :home_lon, :allow_nil => true
   validates_numericality_of :home_zoom, :only_integer => true, :allow_nil => true
   validates_inclusion_of :preferred_editor, :in => Editors::ALL_EDITORS, :allow_nil => true
+  validates_attachment_content_type :image, :content_type => /\Aimage\/.*\Z/
 
   after_initialize :set_defaults
   before_save :encrypt_password
   after_save :spam_check
 
-  has_attached_file :image,
-    :default_url => "/assets/:class/:attachment/:style.png",
-    :styles => { :large => "100x100>", :small => "50x50>" }
-
   def self.authenticate(options)
     if options[:username] and options[:password]
       user = where("email = ? OR display_name = ?", options[:username], options[:username]).first