Bug #16037
closed
no special-chars in new admin-name
0%
Description
I want to create a new admin-user with a dot in it (like bernd.wilke). The creation seems to work, but a following BE_login failed.
After creating another adminuser (admin) I was able to login into the BE and there I found an admin-user berndwilke (without the dot).
Umlauts, which are usual in names, are removed also.
At least there should be a BIG warning if characters are removed at creation like:
<span style:"color:red; font-size:150%">username changed from ... to ...</span>
better: remove only a few characters, which can confuse databases: '"<>,;:?*%
searching for the modification leads me to class.tx_install.php line 3732 (case 'adminUser':), where a ereg_replace() removes all but [:al num:]_-
(issue imported from #M3242)
Updated by Martin Kutschker over 18 years ago
This is true for all kinds of users. But in the BE the auto-conversion is a bit more easy to see in the user list.
The easiest solution is a warning next to the input fields that all "funny" characters except a-z and 0-9 are removed.
Updated by Stefano Kowalke almost 16 years ago
Solution:
- allow the dot in name
- implement a check if entered string was ok
- display a warning if something went wrong
Updated by Alexander Opitz over 11 years ago
- Status changed from New to Closed
- Target version deleted (
0) - PHP Version deleted (
4)
Tested with 6.0:
Username: ich<>bla Password: ölö
Username: ich.bla Password: ölö
User was created as admin with that name and login was possible.