#1020 closed enhancement (duplicate)
Restrict user names to reasonable subset
Reported by: | hoffmann | Owned by: | |
---|---|---|---|
Priority: | normal | Milestone: | v1.1 |
Component: | Registration form | Version: | 0.98-dev |
Keywords: | Cc: |
Description
It is presently (0.98rc1) possible to choose a user name like "CERN&CTA" (no joke, it just happened). InDiCo? somehow translates this in to HTML-escaped "CERN&CTA", which then becomes impossible for the user to type (unless it is a very clever user ;-).
The interface for UID choice should restrict the UID (not passwords!) to something like [a-zA-Z_0-9] and maybe some more carefully selected special characters [+-@.].
Change History (5)
comment:1 Changed 3 years ago by hoffmann
comment:2 follow-up: ↓ 3 Changed 3 years ago by jbenito
- Milestone set to v1.1
- Status changed from new to infoneeded_new
As for the fist request: by any chance...did you do a patch for that? if so, can you attach it here please.
I would prefer not to interfere with the users will to write their name, we will face problems in situations like Jean-Yves Le Blah...
On the other hand, if somebody wishes that, we could add an option in the admin area to force that.
Cheers,
Jose
comment:3 in reply to: ↑ 2 Changed 3 years ago by hoffmann
Replying to jbenito:
As for the fist request: by any chance...did you do a patch for that? if so, can you attach it here please.
No, sorry. I have not yet worked on that.
I would prefer not to interfere with the users will to write their name, we will face problems in situations like Jean-Yves Le Blah...
Yes, since my second comment 8 months ago, I realized that writings for "Mc'Namara" and "Giscard d'Estaing" do not follow my general rule. Probably we have to live with it.
In fact, the annoying thing is that "John DOE" or "JOHN DOE" should become "John Doe", but I do not yet have a clever algorithm for that.
On the other hand, if somebody wishes that, we could add an option in the admin area to force that.
I am afraid there is no InDiCo? server which could reasonable work with the restriction I originally suggested (strict intitials capitalisation). But to forbid blunt capitals ("Jim IMPORTANT") would be a reasonable option in my opinion.
comment:4 Changed 2 years ago by jbenito
- Resolution set to duplicate
- Status changed from infoneeded_new to closed
See #1242
comment:5 in reply to: ↑ description Changed 2 years ago by hoffmann
Replying to hoffmann:
The interface for UID choice should restrict the UID (not passwords!) to something like [a-zA-Z_0-9] and maybe some more carefully selected special characters [+-@.].
I retract my proposal for the '@'!
Permitted characters should be no more than [a-zA-Z0-9] and [+-_.].
On a related note, InDiCo? could also use str.capitalize() on all incoming (real life) user names (first name, family name, ...) in order to have a uniform database.