From 8194be5e4dd3841d9be0e77ce17c00d05c26d4e1 Mon Sep 17 00:00:00 2001
From: Anaggh S <anagghscm@gmail.com>
Date: Wed, 1 Jan 2020 18:04:59 +0530
Subject: [PATCH] Fix #808 Remove special characters/spaces early to prevent
 overwrite

---
 bl-kernel/functions.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/bl-kernel/functions.php b/bl-kernel/functions.php
index ab5438f4..66cc849e 100644
--- a/bl-kernel/functions.php
+++ b/bl-kernel/functions.php
@@ -509,6 +509,8 @@ function createUser($args) {
 	global $L;
 	global $syslog;
 
+	$args['new_username'] = Text::removeSpecialCharacters($args['new_username']);
+
 	// Check empty username
 	if (Text::isEmpty($args['new_username'])) {
 		Alert::set($L->g('username-field-is-empty'), ALERT_STATUS_FAIL);
@@ -535,7 +537,7 @@ function createUser($args) {
 
 	// Filter form fields
 	$tmp = array();
-	$tmp['username'] = Text::removeSpecialCharacters($args['new_username']);
+	$tmp['username'] = $args['new_username'];
 	$tmp['password'] = $args['new_password'];
 	$tmp['role']	 = $args['role'];
 	$tmp['email']	 = $args['email'];