Welcome to Geeklog, Anonymous Friday, May 17 2024 @ 08:09 pm EDT

Geeklog Forums

User Registration Question!


Status: offline

williambrandes

Forum User
Junior
Registered: 11/09/04
Posts: 32
Location:Mount Vernon OH USA
caffeinated
Hi, using 1.3.10 (I know update, but, been running flawlessly and pretty much locked down).

But, got a question after all these years. Noticed that when you register to the site there is no disclaimer that you cannot use spaces in the username, but, when you look at admin users there is this beside that textbox (do not use spaces). OK, if you can't use spaces, but, the registration doesn't error (and, it doesn't), where does it go? Can these folks log-in?

And, if not, what file do I drop that disclaimer into where the user first registers? Thanks. William
William Brandes Consulting
www.wbrandes.com
 Quote

williambrandes

Anonymous
Answering my own question. But.......... going through some comments realize that at least one user has subscribed with a username with spaces - xxxxx xxxxx - and, without giving any other info other than E-mail address, so, it seems that you can register as the above. I guess the question now is how do you get that comment out of the admin. Just for grins since I guess it means nothing. William
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Spaces are fine in usernames and the comment has already been removed from the admin page in CVS (i.e. will be gone in the next release).


Quote by williambrandes: Hi, using 1.3.10 (I know update, but, been running flawlessly and pretty much locked down).

Well, I hope you know what you're doing Neutral The last two security issues also affect your version which means, for example, that anyone can log into your site as any other user.

1.3.10 isn't supported any more. You should have updated to 1.3.11 when that came out ...

bye, Dirk
 Quote

williambrandes

Anonymous
anyone can log into your site as any other user

Dirk, what do you actually mean by that? Guest/Anonymous posting? Or, do you mean by knowing someones user and password? I'm set up so you have to be registered to post AND comment AND search.

Anyway, I had downloaded the latest GeekLog version and was going to just rework the whole thing in my spare time. But, wondering on the above.

Worked alot of CMS and this is the best pound for pound. Bar none. Since I upload on dial-up. CMS for the rest of the world. Great work. William
 Quote

Status: offline

kr

Forum User
Newbie
Registered: 03/02/06
Posts: 4
Location:Germany
williambrandes maybe you should take a look on the geeklog.net mainpage much more frequently...

I thought Dirk was talking about this Article: http://http://www.geeklog.net/article.php/geeklog-1.4.0sr2

And he wants to told you that anybody can login as anybody on your page. Means doesn't need to have any password regarding this security issue.

Greetz, KR
 Quote

williambrandes

Anonymous
The link is http://www.geeklog.net/article.php/geeklog-1.4.0sr2
Yes already had upgraded the sessions file. Forget the question. Perhaps that gives away too much. Great work Dirk. Still, best CMS in my book. At least you haven't changed the name as is the case with Mambo. William
 Quote

williambrandes

Anonymous
And, perhaps this thread is more interesting http://www.geeklog.net/forum/viewtopic.php?showtopic=65105 I have also had registrations of evrika5@mail.ru and valenok55@mail.ru but showed them the door. William
 Quote

Status: offline

1000ideen

Forum User
Full Member
Registered: 08/04/03
Posts: 1298
Er, Mambo did not really change its name but there is a fork called Joomla or so.
Nevertheles I agree with you that GL is good.

You can change the expression (do not use spaces) in the language file. GL accepts spaces and 'funny signs' ö ä ü ß.

I just wonder where I can see what it does not accept.
 Quote

williambrandes

Anonymous
I just wonder where I can see what it does not accept.

Hmmmmmmmmmm. Good question. As for Mambo, yeah, seems a lot of folks have gone down that fork/grin. Thanks for the heads up on the file. William
 Quote

All times are EDT. The time is now 08:09 pm.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content