From e8648e52ecd27dea3603e8e8a08303fe41bbe86b Mon Sep 17 00:00:00 2001
From: Alexei <karpen_ko@hotmail.com>
Date: Mon, 4 May 2020 20:21:57 +0200
Subject: [PATCH] person/Benutzer_model.php: generated alias string is
 sanitized (special characters, spaces,...)

---
 application/models/person/Benutzer_model.php | 48 +++++++++++++++++++-
 1 file changed, 46 insertions(+), 2 deletions(-)

diff --git a/application/models/person/Benutzer_model.php b/application/models/person/Benutzer_model.php
index b2bc0f027..2c65003dd 100644
--- a/application/models/person/Benutzer_model.php
+++ b/application/models/person/Benutzer_model.php
@@ -59,7 +59,7 @@ class Benutzer_model extends DB_Model
 	}
 
 	/**
-	 * Generates alias for a uid
+	 * Generates alias for a uid.
 	 * @param $uid
 	 * @return array the alias
 	 */
@@ -73,7 +73,7 @@ class Benutzer_model extends DB_Model
 		if (hasData($nameresult))
 		{
 			$aliasdata = getData($nameresult);
-			$alias = mb_strtolower($aliasdata[0]->vorname).'.'.mb_strtolower($aliasdata[0]->nachname);
+			$alias = $this->_sanitizeAliasName($aliasdata[0]->vorname).'.'.$this->_sanitizeAliasName($aliasdata[0]->nachname);
 			$aliasexists = $this->aliasExists($alias);
 
 			if (hasData($aliasexists) && !getData($aliasexists)[0])
@@ -82,4 +82,48 @@ class Benutzer_model extends DB_Model
 		}
 		return success($aliasres);
 	}
+
+	// --------------------------------------------------------------------------------------------
+	// Private methods
+
+	/**
+	 * Sanitizes a string used for alias. Replaces special characters, spaces, upper case.
+	 * @param string $str
+	 * @return string
+	 */
+	private function _sanitizeAliasName($str)
+	{
+		$enc = 'UTF-8';
+
+		$acentos = array(
+			'A' => '/&Agrave;|&Aacute;|&Acirc;|&Atilde;|&Aring;/',
+			'Ae' => '/&Auml;/',
+			'a' => '/&agrave;|&aacute;|&acirc;|&atilde;|&aring;/',
+			'ae'=> '/&auml;/',
+			'C' => '/&Ccedil;/',
+			'c' => '/&ccedil;/',
+			'E' => '/&Egrave;|&Eacute;|&Ecirc;|&Euml;/',
+			'e' => '/&egrave;|&eacute;|&ecirc;|&euml;/',
+			'I' => '/&Igrave;|&Iacute;|&Icirc;|&Iuml;/',
+			'i' => '/&igrave;|&iacute;|&icirc;|&iuml;/',
+			'N' => '/&Ntilde;/',
+			'n' => '/&ntilde;/',
+			'O' => '/&Ograve;|&Oacute;|&Ocirc;|&Otilde;/',
+			'Oe' => '/&Ouml;/',
+			'o' => '/&ograve;|&oacute;|&ocirc;|&otilde;/',
+			'oe' => '/&ouml;/',
+			'U' => '/&Ugrave;|&Uacute;|&Ucirc;/',
+			'Ue' => '/&Uuml;/',
+			'u' => '/&ugrave;|&uacute;|&ucirc;/',
+			'ue' => '/&uuml;/',
+			'Y' => '/&Yacute;/',
+			'y' => '/&yacute;|&yuml;/',
+			'a.' => '/&ordf;/',
+			'o.' => '/&ordm;/',
+			'ss' => '/&szlig;/',
+		);
+
+		$str = preg_replace($acentos, array_keys($acentos), htmlentities($str,ENT_NOQUOTES, $enc));
+		return mb_strtolower(str_replace(' ','_', $str));
+	}
 }