Hmm, the forum's interface is getting better and better...
Alex, I've sent you two emails this week from freemail.gossamer-threads.com as user with funny usernames.
I notised, that join.cgi allows users to have usernames that contain not valid characters for email address like ~, ®, ™, etc.
I am not going to use join, and login from GMail (I'll use centralized user database), but for other users would be better if you add some general validation rules for username and password fields.
Some general rules like:
- No characters other than A-Za-z0.-_ (did I miss something?) in username.
- No spaces in password.
- Password cannot be the same as username for obvious reasons.
- Password must be more than 6 characters.
- Better email address validation. Usually I use this regexp:It's just suggestion and it's really easy to implement in your current application.
rgrdz,
.\\ike
Alex, I've sent you two emails this week from freemail.gossamer-threads.com as user with funny usernames.
I notised, that join.cgi allows users to have usernames that contain not valid characters for email address like ~, ®, ™, etc.
I am not going to use join, and login from GMail (I'll use centralized user database), but for other users would be better if you add some general validation rules for username and password fields.
Some general rules like:
- No characters other than A-Za-z0.-_ (did I miss something?) in username.
- No spaces in password.
- Password cannot be the same as username for obvious reasons.
- Password must be more than 6 characters.
- Better email address validation. Usually I use this regexp:
Code:
/^[A-Z0-9][\-\.\_A-Z0-9]*\@\[?[\-\.A-Z0-9]+\.([A-Z]{2,3}|[^0-9]{1,3})\]?$/irgrdz,
.\\ike