Welcome to Geeklog Sunday, June 16 2019 @ 07:19 pm EDT

Geeklog Forums

Special Characters in User Names


Status: offline

buddilla

Forum User
Newbie
Registered: 31/01/04
Posts: 9
confused
Since the update from 1.3.8 to 1.3.9 I have found that users that had special characters in thier usernames could not login.

Im glad i dont have alot of users that have special chararters. Shouldnt the User Names be simple strings that are not parsed or am i wrong. Cus this is what am seeing. Origonally the user had the name as: example

name'a'name

which i can understand how php can get confused here

exp: $var = 'name'a'name'

which is proven by the output of the error log

Wed Mar 24 00:11:57 2004 - Error, invalid username: name

using nam_a_name bombed as well

Wed Mar 24 00:16:18 2004 - Error, invalid username: name_a_name

is there a way to escape these problems in php without having the escape procces fall into aloop were the escape needs to be escaped ect...

hence a string having a back slash in its user name string would cause a problem as well.

The only thing i can think of is either say your not able to have special charaters in a username or, the username parsed each time to get each special charater escaped before output instead of in the saved username within the database.

Status: offline

Dirk

Site Admin
Admin
Registered: 12/01/02
Posts: 13073
Location:Stuttgart, Germany
This is something we have to address in future versions ...

Traditionally, Geeklog didn't really care about special characters in the username as it's using the user id internally all the time anyway. In 1.3.9, GET and POST parameters are filtered more strictly than before and as a result, some characters that were allowed before will be silently stripped off now.

Future versions will probably be more restrictive with regards to the allowable characters and we will have to come up with conversion functions for existing user names ...

bye, Dirk

Status: offline

buddilla

Forum User
Newbie
Registered: 31/01/04
Posts: 9
Thanks Much.
Maybe a plugin that searches usernames removes the characters then emails the user with the new name.

All times are EDT. The time is now 07:19 pm.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content