php-apache2-basic-auth-manager

User names mangled in htpasswd and group names mangled in htgroup

Open dgeary2 opened this issue 7 years ago • 1 comments

Capital letters get lowercased, and '@' and '-' (and many other special characters) get removed from usernames when htpasswd file is saved.

This also happens for group names in the htgroup file but it does not happen for usernames in the htgroup file.

This is noticeable because the usernames which were mangled are not listed in any groups.

The whitelist of allowed characters is too restrictive.

vendor/rafaelgou/php-apache2-basic-auth/src/Apache2BasicAuth/Model/User.php:60: $this->username = strtolower(preg_replace('~[^A-Za-z0-9?.!]~', '', $username));

vendor/rafaelgou/php-apache2-basic-auth/src/Apache2BasicAuth/Model/Group.php:47: $this->name = strtolower(preg_replace('~[^A-Za-z0-9?.!]~', '', $name));

https://httpd.apache.org/docs/2.4/programs/htpasswd.html
"Usernames are limited to 255 bytes and may not include the character :."

dgeary2, Nov 18 '17 08:11

This is actually an issue with php-apache2-basic-auth not php-apache2-basic-auth-manager. Re-posted the issue there: https://github.com/rafaelgou/php-apache2-basic-auth/issues/3

dgeary2, Nov 18 '17 08:11
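An added example, not code from this thread or from php-apache2-basic-auth: it runs the sanitizer quoted in the issue next to a validate-or-reject check built on the htpasswd limits cited above, showing that stripping characters can map two distinct names to the same entry. The helper names `legacySanitize` and `assertValidName`, the sample names, the whitespace/control-character rule, and applying the same rule to group names are assumptions.

```php
<?php
// Added example: hypothetical helpers, not part of php-apache2-basic-auth.

// The expression quoted in the issue (User.php:60 and Group.php:47).
function legacySanitize(string $name): string
{
    return strtolower(preg_replace('~[^A-Za-z0-9?.!]~', '', $name));
}

// Validate instead of rewriting: return the name unchanged or throw.
// The 255-byte limit and the ':' rule come from the htpasswd documentation.
// Rejecting whitespace and control characters is an assumption made here,
// because htpasswd/htgroup entries are delimited by newlines and spaces.
function assertValidName(string $name): string
{
    if ($name === '') {
        throw new InvalidArgumentException('empty name');
    }
    if (strlen($name) > 255) { // strlen() counts bytes, not characters
        throw new InvalidArgumentException('longer than 255 bytes');
    }
    if (strpos($name, ':') !== false) {
        throw new InvalidArgumentException("contains ':'");
    }
    if (preg_match('~[\x00-\x20\x7f]~', $name)) {
        throw new InvalidArgumentException('contains whitespace or control character');
    }
    return $name;
}

// Constructed sample names.
$samples = ['D.Geary@example.com', 'd.gearyexample.com', 'ops-team', 'opsteam', 'bad:name'];
$seen = []; // legacy output => first input that produced it
foreach ($samples as $name) {
    $legacy = legacySanitize($name);
    $note = isset($seen[$legacy]) ? " (same entry as '{$seen[$legacy]}')" : '';
    if (!isset($seen[$legacy])) {
        $seen[$legacy] = $name;
    }
    try {
        $strict = "kept as '" . assertValidName($name) . "'";
    } catch (InvalidArgumentException $e) {
        $strict = 'rejected: ' . $e->getMessage();
    }
    printf("%-22s legacy: %-20s%s | strict: %s\n", $name, $legacy, $note, $strict);
}
```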