2 files changed, 15 insertions, 5 deletions

diff --git a/src/admin/language.php b/src/admin/language.php
index b2a7481..94be1ae 100644
--- a/src/admin/language.php
+++ b/src/admin/language.php
@@ -15,7 +15,7 @@
 //    You should have received a copy of the GNU General Public License
 //    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 ////////////////////////////////////////////////////////////////////////////////
-// Last modified 05/aug/2012 by cassio@ime.usp.br
+// Last modified 08/aug/2015 by cassio@ime.usp.br
 require('header.php');
 
 if(($ct = DBContestInfo($_SESSION["usertable"]["contestnumber"])) == null)
@@ -29,13 +29,18 @@ if (isset($_GET["delete"]) && is_numeric($_GET["delete"])) {
 
 if (isset($_POST["Submit3"]) && isset($_POST["langnumber"]) && is_numeric($_POST["langnumber"]) && 
     isset($_POST["langname"]) && $_POST["langname"] != "") {
+	if(strpos(trim($_POST["langname"]),' ')!==false) {
+		$_POST["confirmation"]='';
+		MSGError('Language name cannot have spaces');
+	} else {
 	if ($_POST["confirmation"] == "confirm") {
 		$param = array();
 		$param['number'] = $_POST['langnumber'];
-		$param['name'] = $_POST['langname'];
+		$param['name'] = trim($_POST['langname']);
 		$param['extension'] = $_POST['langextension'];
 		DBNewLanguage ($_SESSION["usertable"]["contestnumber"], $param);
 	}
+	}
 	ForceLoad("language.php");
 }
 ?>
diff --git a/src/admin/problem.php b/src/admin/problem.php
index 6a894ba..4228d05 100644
--- a/src/admin/problem.php
+++ b/src/admin/problem.php
@@ -15,7 +15,7 @@
 //    You should have received a copy of the GNU General Public License
 //    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 ////////////////////////////////////////////////////////////////////////////////
-// Last modified 31/aug/2012 by cassio@ime.usp.br
+// Last modified 08/aug/2015 by cassio@ime.usp.br
 if ($_POST["confirmation"] != "confirm")
 	unset($_POST['noflush']);
 
@@ -168,6 +168,10 @@ if(isset($_POST['Submit5']) && $_POST['Submit5']=='Send') {
 
 if (isset($_POST["Submit3"]) && isset($_POST["problemnumber"]) && is_numeric($_POST["problemnumber"]) && 
     isset($_POST["problemname"]) && $_POST["problemname"] != "") {
+	if(strpos(trim($_POST["problemname"]),' ')!==false) {
+		$_POST["confirmation"]='';
+		MSGError('Problem short name cannot have spaces');
+	} else {
 	if ($_POST["confirmation"] == "confirm") {
 		if ($_FILES["probleminput"]["name"] != "") {
 			$type=myhtmlspecialchars($_FILES["probleminput"]["type"]);
@@ -182,7 +186,7 @@ if (isset($_POST["Submit3"]) && isset($_POST["problemnumber"]) && is_numeric($_P
 
 		$param = array();
 		$param['number'] = $_POST["problemnumber"];
-		$param['name'] = $_POST["problemname"];
+		$param['name'] = trim($_POST["problemname"]);
 		$param['inputfilename'] = $name;
 		$param['inputfilepath'] = $temp;
 		$param['fake'] = 'f';
@@ -190,6 +194,7 @@ if (isset($_POST["Submit3"]) && isset($_POST["problemnumber"]) && is_numeric($_P
 		$param['color'] = $_POST["color"];
 		DBNewProblem ($_SESSION["usertable"]["contestnumber"], $param);
 	}
+	}
 	ForceLoad("problem.php");
 }
 ?>
@@ -340,7 +345,7 @@ To replace the data of a problem, proceed as if it did not exist (data will be r
         </td>
       </tr>
       <tr>
-	 <td width="35%" align=right>Short Name (usually a letter):</td>
+	 <td width="35%" align=right>Short Name (usually a letter, no spaces):</td>
         <td width="65%">
           <input type="text" name="problemname" value="" size="20" maxlength="20" />
         </td>