From ec6a763aa2fa4648e86a06625211499163dd876d Mon Sep 17 00:00:00 2001
From: alejandro-campos <alejandro.campos@artica.es>
Date: Fri, 10 Jan 2020 13:24:00 +0100
Subject: [PATCH 1/2] add check to prevent user creation with an id with
 trailing spaces

---
 pandora_console/godmode/users/configure_user.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/pandora_console/godmode/users/configure_user.php b/pandora_console/godmode/users/configure_user.php
index 602a536f5a..089fb355cb 100644
--- a/pandora_console/godmode/users/configure_user.php
+++ b/pandora_console/godmode/users/configure_user.php
@@ -243,6 +243,12 @@ if ($create_user) {
         $password_new = '';
         $password_confirm = '';
         $new_user = true;
+    } else if (preg_match('/\s+$/', io_safe_output($id))) {
+        ui_print_error_message(__('Invalid user ID: trailing blank spaces not allowed'));
+        $user_info = $values;
+        $password_new = '';
+        $password_confirm = '';
+        $new_user = true;
     } else if ($password_new == '') {
         ui_print_error_message(__('Passwords cannot be empty'));
         $user_info = $values;

From 78df8dcb95034f04cd305ec5ba699a877ecf8bc3 Mon Sep 17 00:00:00 2001
From: alejandro-campos <alejandro.campos@artica.es>
Date: Fri, 10 Jan 2020 13:50:04 +0100
Subject: [PATCH 2/2] prevent user creation with leading or trailing spaces in
 user id

---
 pandora_console/godmode/users/configure_user.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pandora_console/godmode/users/configure_user.php b/pandora_console/godmode/users/configure_user.php
index 089fb355cb..cd93489653 100644
--- a/pandora_console/godmode/users/configure_user.php
+++ b/pandora_console/godmode/users/configure_user.php
@@ -243,8 +243,8 @@ if ($create_user) {
         $password_new = '';
         $password_confirm = '';
         $new_user = true;
-    } else if (preg_match('/\s+$/', io_safe_output($id))) {
-        ui_print_error_message(__('Invalid user ID: trailing blank spaces not allowed'));
+    } else if (preg_match('/^\s+|\s+$/', io_safe_output($id))) {
+        ui_print_error_message(__('Invalid user ID: leading or trailing blank spaces not allowed'));
         $user_info = $values;
         $password_new = '';
         $password_confirm = '';