From 1f81b3fbeea8aaccae3aeea3985a96393823679a Mon Sep 17 00:00:00 2001
From: Jacob Tomlinson
Date: Tue, 3 Jun 2014 17:03:58 +0100
Subject: [PATCH] Remove allowed characters before name before alphanumeric test
---
 application/config/aauth.php | 3 +++
 application/libraries/Aauth.php | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/application/config/aauth.php b/application/config/aauth.php
index 021fafc..c6cd990 100644
--- application/config/aauth.php
+++ application/config/aauth.php
@@ -43,6 +43,9 @@ $config['aauth'] = array(
 // pasword maximum char long (min is 4)
 'max' => 13,
+ // non alphanumeric characters that are allowed in a name
+ 'valid_chars' => array(' ', '\''),
+
 // it limits login attempts
 'dos_protection' => true,
diff --git a/application/libraries/Aauth.php b/application/libraries/Aauth.php
index 2d97d5a..4753e80 100644
--- application/libraries/Aauth.php
+++ application/libraries/Aauth.php
@@ -297,7 +297,7 @@ class Aauth {
 $this->error($this->config_vars['pass_invalid']);
 $valid = false;
 }
- if ($name !='' and !ctype_alnum($name)){
+ if ($name !='' and !ctype_alnum(str_replace($this->config_vars['valid_chars'], '', $name))){
 $this->error($this->config_vars['name_invalid']);
 $valid = false;
 }
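Review bot: The comment on `valid_chars` does not say that these characters are only ignored for the `ctype_alnum()` test and stay in the name that is accepted, which is what an operator editing this list needs to know. The default already contains `'`, and a later edit that adds `<`, `>` or `"` would pass those characters on to wherever the name is stored or rendered. I would reword the comment to `// characters ignored by the alphanumeric name check; they remain in the accepted name, so list only characters that every query and template handling the name escapes`. The `$config['aauth']` array starts and ends outside this hunk.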
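Review bot: `$this->config_vars['valid_chars']` is read without a fallback on the changed `if` line, so an install whose config file predates this key would raise an undefined-index notice and presumably fall back to the old strict check by accident rather than by design. A guarded read makes that explicit: `$allowed = isset($this->config_vars['valid_chars']) ? $this->config_vars['valid_chars'] : array();` and then `!ctype_alnum(str_replace($allowed, '', $name))`. Separately, a name that passes this check can now contain an apostrophe, so any code that treated a validated name as safe to place in SQL or HTML without escaping needs re-checking; those sinks are not visible in this patch. The enclosing method starts and ends outside the hunk.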