From 72feceb3690f6fc76fa7dd91002c814bf32565b8 Mon Sep 17 00:00:00 2001
From: Michael
Date: Mon, 10 Apr 2017 18:44:29 -0400
Subject: [PATCH] Fix massive security bug with display names
---
Project-Unite/Controllers/AccountController.cs | 10 ++++++++++
Project-Unite/Views/Shared/_Layout.cshtml | 6 ++++++
2 files changed, 16 insertions(+)
diff --git a/Project-Unite/Controllers/AccountController.cs b/Project-Unite/Controllers/AccountController.cs
index e23572d..6ee32d0 100644
--- a/Project-Unite/Controllers/AccountController.cs
+++ b/Project-Unite/Controllers/AccountController.cs
@@ -179,6 +179,16 @@ public async Task Register(RegisterViewModel model) { if (ModelState.IsValid) { + using(var temp = new ApplicationDbContext()) + { + if(temp.Users.FirstOrDefault(x=>x.UserName==model.Username) != null) + { + ModelState.AddModelError("Your display name is already taken."); + return View(model); + } + } + + + var user = new ApplicationUser { UserName = model.Email, Email = model.Email, DisplayName = model.Username, Codepoints = 0, JoinedAt = DateTime.Now, MutedAt = DateTime.Now, BannedAt = DateTime.Now, LastLogin = DateTime.Now }; var result = await UserManager.CreateAsync(user, model.Password); if (result.Succeeded)
diff --git a/Project-Unite/Views/Shared/_Layout.cshtml b/Project-Unite/Views/Shared/_Layout.cshtml
index 5455942..48d7d37 100644
--- a/Project-Unite/Views/Shared/_Layout.cshtml
+++ b/Project-Unite/Views/Shared/_Layout.cshtml
@@ -11,6 +11,12 @@ + + @if(ViewBag.PageDescription != null) + { + + } + @ViewBag.Title • Project: Unite @Styles.Render("~/Content/css") @Styles.Render("~/Content/bootstrap-theme.css")
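Review bot: The uniqueness check in the added `using` block of the AccountController.cs hunk compares `x.UserName == model.Username`, but the `new ApplicationUser` line just below it stores the e-mail in `UserName` and the submitted name in `DisplayName`, so a duplicate display name still registers and the impersonation this commit targets remains possible; the predicate should be `temp.Users.Any(x => x.DisplayName == model.Username)`. Even against the right column, check-then-insert lets two concurrent registrations both pass, so the guarantee needs a unique index on `DisplayName` with this check kept only for the friendly error, and whether names differing only in case or surrounding whitespace collide depends on the database collation, which the hunk does not show. `ModelState.AddModelError` is called with a single argument while the framework method takes a key and a message, so unless the project defines its own overload the line should read `ModelState.AddModelError("", "Your display name is already taken.");`. The body of `Register` starts before and continues past this hunk.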