Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Handling username length and character restriction on registration.

I there, Im trying to restrict names to only alpha numeric characters, and the size to be between 5 and 10 characters.
I found this post.
It seems to indicate that i can add this to config.php:
$Configuration['Garden']['User']['ValidationRegex'] = '^[a-zA-Z0-9]+$'; $Configuration['Garden']['User']['ValidationLength'] = "{5,10}";

And maybe even:
$Definition['UsernameError'] = "User Name must contain alpha numeric values and be between 5 and 10 characters in length.";

However it doesn't seem to work, and by inspecting functions.validation.php i can't seem to tell why.

Any ideas?

Best Answers

  • peregrineperegrine MVP
    edited November 2016 Answer ✓

    @Kiori said:However, this
    $Definition['UsernameError'] = "User Name m...
    Still doesn't work.

    I am not a mind reader! what did you do, where did you add it, and what doesn't work. How doesn't it work?

    If you didn't modify the entrycontroller, profilecontroller and setupcontroller and your js works properly it should display an error message if the validation invalidates the user name entered.

    The validation is set in the config statements.

    The definition defines the error message - IT DOES NOT VALIDATE, it presents a message that is defined in the definitions. The definition could say "Blah, Blah" but it has nothing to do with the validation itself. The message only appears if validation fails.

    The definition should be worded correctly to impart to the user what type of validation you have set. The definition is also not a mind reader. It spits out the message you defined in UsernameError defintion.

    so in your conf/locale.php

    you could add two definitions - one is used in the entrycontroller, the other is defined in the site core and may be used somewhere,

    used in Entrycontroller , setupcontroller and profilecontroller.

    $Definition['UsernameError'] = 'Usernames can only contain letters and numbers and must be between 5 and 20 characters long.';

    for good luck somewhere else maybe ....

    $Definition['ValidateUsername'] = 'Usernames must be 5-10 characters and consist of letters and numbers.';

    if the locale is being read properly the definition will be read.

    delete your ini files when changing definitions.

    see tutorials and faq for further info:

    https://vanillaforums.org/discussion/26597/tutorial-how-to-change-wording-how-to-change-text-how-to-change-language-how-to-change-locale/p1

    https://vanillaforums.org/discussion/30636/faq-frequently-asked-questions-by-newcomers-to-vanilla

    if the validation isn't working - you need to figure out what you want.

    Unicode letters are more than just A-Z

    if you only want 26 letters of the english alphabet and 0 thru 9 , use this for clarity.

    $Configuration['Garden']['User']['ValidationRegex'] = 'a-zA-Z0-9'; // letters and numbers

    see this site to test and determine regex. Remember regular expressions can have subtle differences e.g. perl and php can have different regex.

    http://www.regular-expressions.info/unicode.html

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

Answers

  • RiverRiver MVP
    edited November 2016

    @Kiori

    you are using vanilla 2.2.x

    https://github.com/vanilla/vanilla/blob/Vanilla_2.2.1/library/core/functions.validation.php#L254

    by inserting

    var_dump($ValidateUsernameRegex);
    die();

    then printing your result and then removing the two lines.
    non -intrusive test

    create a regextext.php file and run it from your web browser.

        <?php
        $value = "bad";
        $regex1 = "[\w]{4,10}";
        $regex2 = "[\pN\pL\pM\pPc]{4,10}" ;
        $regex1 = "/^({$regex1})?$/siu";
        $regex2 = "/^({$regex2})?$/siu";
        echo "$regex1 $value is " ;
        var_dump(filter_var($value, FILTER_VALIDATE_REGEXP, array('options' => array('regexp' => $regex1))));
        echo "<br>";
        echo "$regex2 $value is ";
        var_dump(filter_var($value, FILTER_VALIDATE_REGEXP, array('options' => array('regexp' => $regex2))));
        echo "<br>";
        $value = "good";
        echo "$regex1 $value is ";
        var_dump(filter_var($value, FILTER_VALIDATE_REGEXP, array('options' => array('regexp' => $regex1))));
        echo "<br>";
        echo "$regex2 $value is ";
        var_dump(filter_var($value, FILTER_VALIDATE_REGEXP, array('options' => array('regexp' => $regex2))));
    

    then post the exact results.

    If it were me. I would upgrade to vanilla 2.3 since that is the current stable version that is supported.

    vanilla 2.2.x is no longer supported.

    I would also follow the standard way of isolating and trouble shooting problems.

    • use the default theme
    • remove any overrides of views and functions that you have replaced or any other code you modified.
    • disable the plugins and apps temporarily
    • after you have done this then you can solve easier.
    • check for js errors in the console.
    • change registration temporarily to applicant approval
    • test with everything simplified to determine if it is your code, theme, or environment.

    but at the very least post the results of the regextext.php

    obviously the Definition - is just a statement it doesn't control validation, it just presents a message to the user.

    for 2.3

    by inserting

    var_dump($ValidateUsernameRegex);
    die();
    

    then printing your result and then removing the two lines.
    non -intrusive test

    https://github.com/vanilla/vanilla/blob/release/2.3/library/core/functions.validation.php#L269

    same answer pretty much as here https://vanillaforums.org/discussion/comment/243183/#Comment_243183

    Pragmatism is all I have to offer. Avoiding the sidelines and providing centerline pro-tips.

  • R_JR_J Ex-Fanboy Munich Admin

    @Kiori said:
    it doesn't seem to work

    The error message is not "dynamical" or anything like that. It will always read "Username can only contain letters, numbers, underscores, and must be between 3 and 20 characters long." Maybe that's the only thing you need to fix (you would have to translate "UsernameError")

  • @R_J
    Thanks, that explains a lot, I'll hardcode it.
    I found the value on the entry controller, among others, editing the value there works.
    It would be good if it was generated, but i get it.

    @River
    Really good idea.

    regextext:

    /^([\w]{4,10})?$/siu bad is bool(false)
    /^([\pN\pL\pM\pPc]{4,10})?$/siu bad is bool(false)
    /^([\w]{4,10})?$/siu good is string(4) "good"
    /^([\pN\pL\pM\pPc]{4,10})?$/siu good is string(4) "good" 
    

    and with the vardump on validate:
    string(22) "[^[a-zA-Z0-9]+$]{5,10}"

    So now we know it does get through.
    But I still cant get it to work.

    I haven't upgraded to 2.3 yet because I wanna be sure all the plugins will be working, so I'm giving it time.
    Yaga for instance seems to not be perfect, according to a post I just read the other day.

    Thanks a lot for the input guys.

  • @River
    Well spotted!
    Indeed removing the signs and the brackets did the job!

    However, this
    $Definition['UsernameError'] = "User Name m...
    Still doesn't work.

  • peregrineperegrine MVP
    edited November 2016 Answer ✓

    @Kiori said:However, this
    $Definition['UsernameError'] = "User Name m...
    Still doesn't work.

    I am not a mind reader! what did you do, where did you add it, and what doesn't work. How doesn't it work?

    If you didn't modify the entrycontroller, profilecontroller and setupcontroller and your js works properly it should display an error message if the validation invalidates the user name entered.

    The validation is set in the config statements.

    The definition defines the error message - IT DOES NOT VALIDATE, it presents a message that is defined in the definitions. The definition could say "Blah, Blah" but it has nothing to do with the validation itself. The message only appears if validation fails.

    The definition should be worded correctly to impart to the user what type of validation you have set. The definition is also not a mind reader. It spits out the message you defined in UsernameError defintion.

    so in your conf/locale.php

    you could add two definitions - one is used in the entrycontroller, the other is defined in the site core and may be used somewhere,

    used in Entrycontroller , setupcontroller and profilecontroller.

    $Definition['UsernameError'] = 'Usernames can only contain letters and numbers and must be between 5 and 20 characters long.';

    for good luck somewhere else maybe ....

    $Definition['ValidateUsername'] = 'Usernames must be 5-10 characters and consist of letters and numbers.';

    if the locale is being read properly the definition will be read.

    delete your ini files when changing definitions.

    see tutorials and faq for further info:

    https://vanillaforums.org/discussion/26597/tutorial-how-to-change-wording-how-to-change-text-how-to-change-language-how-to-change-locale/p1

    https://vanillaforums.org/discussion/30636/faq-frequently-asked-questions-by-newcomers-to-vanilla

    if the validation isn't working - you need to figure out what you want.

    Unicode letters are more than just A-Z

    if you only want 26 letters of the english alphabet and 0 thru 9 , use this for clarity.

    $Configuration['Garden']['User']['ValidationRegex'] = 'a-zA-Z0-9'; // letters and numbers

    see this site to test and determine regex. Remember regular expressions can have subtle differences e.g. perl and php can have different regex.

    http://www.regular-expressions.info/unicode.html

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • R_JR_J Ex-Fanboy Munich Admin

    Hey @river, lost your password?

  • @peregrine
    First and foremost, sorry for the lack of explanation, I could have been more precise.

    And secondly, thanks a bunch! My problem was i was setting the definition on the config file instead of the locale. I thought I read somewhere that that's where it went, guess not!

    All the regex problems were solved by simply removing the brackets and all.(I used the unicode formatting as you recommended, much cleaner)

    Thanks for the links, also. Great stuff!

Sign In or Register to comment.