--- loncom/Attic/lcuseradd	2000/10/29 22:52:30	1.6
+++ loncom/Attic/lcuseradd	2000/10/29 23:14:16	1.7
@@ -20,6 +20,19 @@ use strict;
 # Second line is PASSWORD
 # Third line is PASSWORD
 
+# Valid passwords must consist of the
+# ascii characters within the inclusive
+# range of 0x20 (32) to 0x7E (126).
+# These characters are:
+# SPACE and
+# !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNO
+# PQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
+
+# Valid user names must consist of ascii
+# characters that are alphabetical characters
+# (A-Z,a-z), numeric (0-9), or the underscore
+# mark (_). (Essentially, the perl regex \w).
+
 # Command-line arguments [USERNAME] [PASSWORD] [PASSWORD]
 # Yes, but be very careful here (don't pass shell commands)
 # and this is only supported to allow perl-system calls.
@@ -87,6 +100,14 @@ my ($username,$password1,$password2)=@in
 $username=~/^(\w+)$/;
 my $safeusername=$1;
 
+# Only add user if we can create a brand new home directory (/home/username).
+if (-e "/home/$safeusername") {
+    print "Error. User already exists.\n" unless $noprint;
+    unlink('/tmp/lock_lcpasswd');
+    exit 8;
+}
+
+# Only add user if the two password arguments match.
 if ($password1 ne $password2) {
     print "Error. Password mismatch.\n" unless $noprint;
     unlink('/tmp/lock_lcpasswd');
@@ -103,6 +124,8 @@ if (system('/usr/sbin/useradd','-c','LON
     unlink('/tmp/lock_lcpasswd');
     exit 5;
 }
+
+# Make www a member of that user group.
 if (system('/usr/sbin/usermod','-G',$safeusername,'www')) {
     print "Error. Could not make www a member of the group \"$safeusername\".\n" unless $noprint;
     unlink('/tmp/lock_lcpasswd');
@@ -116,6 +139,7 @@ if (system('/usr/sbin/usermod','-G',$saf
 
 
 
+
 # ----------------------------------------------------------- have setuid script run as root
 sub enable_root_capability {
     if ($wwwid==$>) {