Drupal 10, the latest version of the open-source digital experience platform with even more features, is here.i thought we had this right once. but alas, its still broken. the following in user.module line 174 is returning a bad username error message but in fact the username is OK. we should allow @ and * in usernames. That line of code is:
if (!eregi('^[a-z0-9]+(@[a-z0-9]+)?$', $name)) return t("The name contains an illegal character.");
Comments
Comment #1
(not verified) CreditAttribution: commentedFor the CVS version at lesat @ has a special meaning (distributed authentication) so we can not allow it without breaking a lot of things.
I don't like the regexp myself though as its too restrictive in some cases. I'll make it a configuration option so site admins can tweak it, as long as they know regexp ;)
Comment #2
moshe weitzman CreditAttribution: moshe weitzman commentedI see what you are saying, but there is another issue ... The real problem is that users who *do* register with DA are automatically assigned a username with a '@' in it. So if we disallow a '@' in username validation, then those users are never be able to change their user data. This is the current behavior. IMO, the best option is to allow '@' for everyone.
Comment #3
(not verified) CreditAttribution: commentedUsing some more forgiving regex now, but in return they are more strict on @site validation. Basically people should only use @ when they are using a distributed authentication scheme.
Comment #4
(not verified) CreditAttribution: commentedComment #5
moshe weitzman CreditAttribution: moshe weitzman commentedThis bug is back again on drupal.org. People with an '@' in their username (i.e. all DA registrations) are unable to edit their user information. The returned error is 'invalid character in username ...'
Comment #6
Dries CreditAttribution: Dries commentedTurns out it has nothing to do with '@' but with '.' (dot/point) in one's username. I just fixed this in both the DRUPAL-4-2-0 and the HEAD branch. Marking this report as such.
Comment #7
(not verified) CreditAttribution: commented