SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,777
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)

    Limit Username Characters?

    Should I limit which characters a User can use when creating his/her "Username"??

    I am using Prepared Statements, so SQL Injection shouldn't be an issue, however , at the very least it would be annoying to have a User choose ~!@#$%^&*()_+ as a Username...

    What do you think?


    Debbie

  2. #2
    It's all Geek to me silver trophybronze trophy
    ralph.m's Avatar
    Join Date
    Mar 2009
    Location
    Melbourne, AU
    Posts
    24,203
    Mentioned
    456 Post(s)
    Tagged
    8 Thread(s)
    Certainly messy usernames are no fun to read. There is a limit to what characters you can use in an email address and on sites like Twitter (letters, digits, underscore and period, I think), so it seems fair enough to set limits like that.

  3. #3
    billycundiff{float:left;} silver trophybronze trophy RyanReese's Avatar
    Join Date
    Oct 2008
    Location
    Whiteford, Maryland, United States
    Posts
    13,623
    Mentioned
    6 Post(s)
    Tagged
    0 Thread(s)
    Well I'd remove anything that can conflict with SQL databases, or cause errors. I'm not sure if semi colons or any of those mess with it (even if it's parsed as a string).

    I'd resetrict users to all numbers and letters anyway. Personally. If I had many many users potentially I'd open the door to dashes and periods so all users canfind a unique name easily.
    Always looking for web design/development work.
    http://www.CodeFundamentals.com

  4. #4
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,777
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by ralph.m View Post
    Certainly messy usernames are no fun to read. There is a limit to what characters you can use in an email address and on sites like Twitter (letters, digits, underscore and period, I think), so it seems fair enough to set limits like that.
    Actually, there are virtually no characters that you cannot use in E-mails these days.

    I lean towards...
    PHP Code:
            if (preg_match('#^[A-Z \'.-]{8,30}$#i'$trimmed['username'])){ 
    ...but maybe "wide open" is better?

    Since I am using Prepared Statements and don't use Username as my Primary Key - although it is unique - I guess I can be a little more flexible?!


    Debbie


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •