#1  
01-23-2011, 05:41 PM
kpmedia's Avatar
kpmedia kpmedia is offline
Site Staff | Web Hosting, Photo
 
Join Date: Feb 2004
Posts: 4,311
Thanked 374 Times in 341 Posts
Although this forum has been in current form for going on 3 years now --- as a vBulletin site, kept up to date, and using various in-house custom mods, vB.org mods and plugins --- it wasn't until this recent holiday season (Dec-Jan) that people started to register with stupid usernames that included a lot of ASCII. Example: ~J0EB()B+HE/GREA%~

We're of the opinion that a usename should be just that -- a user's "name" (be it real or pseudonym).

That implies mostly letters, possibly some "name-like" punctuation (periods, ampersands, spaces, hyphens). To help with name availability, standard numerals were allowed (0-9), and then some other standardized characters were allowed (i.e.: underscores and asterisks).

And NOT a jumble of random ASCII because you want to be a "kewl" computer nerd.

In some cases, I think allowing any and all characters could prove to be a security hazard, as it could potentially allow for PHP or SQL injections -- ugly, ugly stuff. So even if in the name of security, limiting username characters would be a wise move for your vB forum.

vBulletin includes the option to limit what is available to new registrations, but the code either does too much or not enough. You'll find this in the admincp, under vBulletin Options > User Registration Options in the page section Username Regular Expression:
Code:
(Do not start or end the expression with an escape character)
Examples:
^[A-Z]+$ - Characters from A-Z only
^[A-Z ]+$ - Characters from A-Z including space
^[A-Z0-9 ]+$ - Alphanumeric characters including space
^((?!&#\d+;)[\x20-\x7E])+$ - ASCII characters from 32-127
See PHP.net for more information on regular expressions.
A-Z is not enough.
A-Z with space is not enough.
A-Z,0-9 with space is not enough.
Characters 32-127 is way, way too much.

So I asked for help at the usual places:
  • vB.org (one answer),
  • vB.com (no answers -- figures),
  • vBSEO.com (where I'm a member because I hold a few vBSEO licenses, and always get great advice from the members and staff alike). vBSEO is now a dead site/project.
The best attempt at advice came from vBSEO, but unfortunately did not work. No matter what was suggested, there was no way to get a functional regular expression. A user at vB.org had a better suggestion -- to insert characters, separated by a space, in the Illegal User Names field. And that's what has worked to prevent the most common "stupid user names".

You can also block dumb ASCII names by adding this to your Illegal User Names:
Code:
@ ~ ` # $ % ^ ( ) + = { [ ] } | \ / ? < > , ; : " '
Because we also actively screen new users (name, email, IP) about once a week, I'll just continue to manually fix/delete accounts that have used ASCII, as well as enter new ASCII that's been used into the Illegal User Names list.

Yes, it's not as foolproof as a Regular Expression, and it's rather quick and dirty -- but it's still somewhat effective for the basics (i.e., anything found on the keyboard or with SHIFT+keyboard). And that's really all that matters to me.

I hope this helps some fellow vBulletin admins.


If interested, you can read the other threads at:

- Did my advice help you? Then become a Premium Member and support this site.
- Please Like Us on Facebook | Follow Us on Twitter

- Need a good web host? Ask me for help! Get the shared, VPS, semi-dedicated, cloud, or reseller you need.
Reply With Quote
Someday, 12:01 PM
admin's Avatar
Ads / Sponsors
 
Join Date: ∞
Posts: 42
Thanks: ∞
Thanked 42 Times in 42 Posts
Reply




Similar Threads
Thread Thread Starter Forum Replies Last Post
Quality vBulletin themes for only $4 admin Web Development, Design 1 07-25-2013 07:06 PM
VBulletin web streaming admin Website and Server Troubleshooting 3 04-25-2009 11:00 PM
DVDWS2 - important note - prevent fuzzy menus lordsmurf Author, Make Menus, Slideshows, Burn 1 12-15-2007 05:08 AM
HDTV antenna question, stupid perhaps MOTUfan Videography: Cameras, TVs and Players 2 06-09-2005 07:39 AM

Thread Tools



 
All times are GMT -5. The time now is 10:42 AM