Index: modules/user/user.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.module,v
retrieving revision 1.892.2.21
diff -u -p -r1.892.2.21 user.module
--- modules/user/user.module	11 May 2010 10:38:39 -0000	1.892.2.21
+++ modules/user/user.module	19 May 2010 11:48:07 -0000
@@ -378,11 +378,21 @@ function user_save($account, $array = ar
  * Verify the syntax of the given name.
  */
 function user_validate_name($name) {
-  if (!strlen($name)) return t('You must enter a username.');
-  if (substr($name, 0, 1) == ' ') return t('The username cannot begin with a space.');
-  if (substr($name, -1) == ' ') return t('The username cannot end with a space.');
-  if (strpos($name, '  ') !== FALSE) return t('The username cannot contain multiple spaces in a row.');
-  if (ereg("[^\x80-\xF7 [:alnum:]@_.-]", $name)) return t('The username contains an illegal character.');
+  if (!strlen($name)) {
+    return t('You must enter a username.');
+  }
+  if (substr($name, 0, 1) == ' ') {
+    return t('The username cannot begin with a space.');
+  }
+  if (substr($name, -1) == ' ') {
+    return t('The username cannot end with a space.');
+  }
+  if (strpos($name, '  ') !== FALSE) {
+    return t('The username cannot contain multiple spaces in a row.');
+  }
+  if (preg_match('/[^\x{80}-\x{F7} a-z0-9@_.\'-]/i', $name)) {
+    return t('The username contains an illegal character.');
+  }
   if (preg_match('/[\x{80}-\x{A0}'.          // Non-printable ISO-8859-1 + NBSP
                    '\x{AD}'.                 // Soft-hyphen
                    '\x{2000}-\x{200F}'.      // Various space characters
@@ -391,12 +401,13 @@ function user_validate_name($name) {
                    '\x{FEFF}'.               // Byte order mark
                    '\x{FF01}-\x{FF60}'.      // Full-width latin
                    '\x{FFF9}-\x{FFFD}'.      // Replacement characters
-                   '\x{0}]/u',               // NULL byte
+                   '\x{0}-\x{1F}]/u',        // NULL byte and control characters
                    $name)) {
     return t('The username contains an illegal character.');
   }
-  if (strpos($name, '@') !== FALSE && !eregi('@([0-9a-z](-?[0-9a-z])*.)+[a-z]{2}([zmuvtg]|fo|me)?$', $name)) return t('The username is not a valid authentication ID.');
-  if (strlen($name) > USERNAME_MAX_LENGTH) return t('The username %name is too long: it must be %max characters or less.', array('%name' => $name, '%max' => USERNAME_MAX_LENGTH));
+  if (drupal_strlen($name) > USERNAME_MAX_LENGTH) {
+    return t('The username %name is too long: it must be %max characters or less.', array('%name' => $name, '%max' => USERNAME_MAX_LENGTH));
+  }
 }
 
 function user_validate_mail($mail) {