Open includes/functions_user.php
FIND
Code: Select all
function validate_data($data, $val_ary)
{
global $user;
$error = array();
ADD AFTER
Code: Select all
// Check the password against the username
if(!empty($data['username']) && !empty($data['new_password']))
{
$uname = trim(strtolower($data['username']));
$pass = trim(strtolower($data['new_password']));
// Remove whitespace.
$remove = array(' ', "\t");
$pass = str_replace($remove, '', $pass);
$uname = str_replace($remove, '', $uname);
if (strpos($pass, $uname) !== false)
{
$error[] = $user->lang['NO_USERNAME_PASSWORD'];
}
}
Open language/en/ucp.php
FIND
Code: Select all
'NO_TO_RECIPIENT' => 'None',
ADD AFTER
Code: Select all
'NO_USERNAME_PASSWORD' => 'Your password is not allowed to contain your username',
Remember to always backup stuff first.