Prevent stupid ASCII usernames in vBulletin
Although this forum has been in current form for going on 3 years now --- as a vBulletin site, kept up to date, and using various in-house custom mods, vB.org mods and plugins --- it wasn't until this recent holiday season (Dec-Jan) that people started to register with stupid usernames that included a lot of ASCII. Example: ~J0EB()B+HE/GREA%~
We're of the opinion that a usename should be just that -- a user's "name" (be it real or pseudonym). That implies mostly letters, possibly some "name-like" punctuation (periods, ampersands, spaces, hyphens). To help with name availability, standard numerals were allowed (0-9), and then some other standardized characters were allowed (i.e.: underscores and asterisks). And NOT a jumble of random ASCII because you want to be a "kewl" computer nerd. :mad: In some cases, I think allowing any and all characters could prove to be a security hazard, as it could potentially allow for PHP or SQL injections -- ugly, ugly stuff. So even if in the name of security, limiting username characters would be a wise move for your vB forum. vBulletin includes the option to limit what is available to new registrations, but the code either does too much or not enough. You'll find this in the admincp, under vBulletin Options > User Registration Options in the page section Username Regular Expression: Code:
(Do not start or end the expression with an escape character) A-Z with space is not enough. A-Z,0-9 with space is not enough. Characters 32-127 is way, way too much. So I asked for help at the usual places:
You can also block dumb ASCII names by adding this to your Illegal User Names: Code:
@ ~ ` # $ % ^ ( ) + = { [ ] } | \ / ? < > , ; : " ' Yes, it's not as foolproof as a Regular Expression, and it's rather quick and dirty -- but it's still somewhat effective for the basics (i.e., anything found on the keyboard or with SHIFT+keyboard). And that's really all that matters to me. I hope this helps some fellow vBulletin admins. :) If interested, you can read the other threads at:
|
Site design, images and content © 2002-2024 The Digital FAQ, www.digitalFAQ.com
Forum Software by vBulletin · Copyright © 2024 Jelsoft Enterprises Ltd.