HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Options
Username validation
warzyd
New
Does anyone knows why the following regex does not work for validation? I would like users to be able to use any character they like.
$Configuration['Garden']['User']['ValidationRegex'] = '[.*]+';
nor
$Configuration['Garden']['User']['ValidationRegex'] = '[.]';
Tagged:
1
Comments
Because "." and "*" inside the matching brackets are taken literally. But you certainly do not want to allow user names that only consist of dots and stars. If you want to allow any number of characters, use only this
Does not work too. Whenever trying to put any username during the registration, all i get is:
Usernames must be 3-20 characters and consist of letters, numbers, and underscores.
Remember to clear /cache
Cleared /cache/Smarty, /cache/theme and /cache/twig folders without any results.
That's another setting. This is the default: $Configuration['Garden']['User']['ValidationLength'] = "{3,20}";
You can set it to {1, 191} if you like to, but don't exceed 191 since that is the columns maximim length. Since it would completly mess up every view, I would keep it to a much lesser limit anyway
@R_J Forgot to mention that whenever i put '.+' i am unable to register any username. Whatever characters I type (even the simplest string like test123) i still get the same error about Usernames must be 3-20 characters ...
So basically, after setting up own regex, registration form does not work because validation do not want to pass any username.
To find things like that by yourself, search the source code for things you already know, like e.g. "ValidationRegex" and you will see the other configuration option in the file functions.validation.php right next to the one you already knew 👍️
Did it before I decided to create this topic ;) There are only 2 functions responsible for the username validation. So basically, definition above located in conf.php file should work but because of unknown reasons, don't.
Oh, I found the problem! This is where the config values are used:
$validateUsernameRegex = sprintf( "[%s]%s", c("Garden.User.ValidationRegex", $defaultPattern), c("Garden.User.ValidationLength", "{3,20}") );As you can see the regex is created by "sprintf [regex]length" which requires the regex config to be a character class. The length could either be a range like the default is or either a "+" or even a "*" although this still wouldn't allow a user name of zero length for other reasons. But the main "problem" is that the regex is enclosed in brackets. I would say that "\w\s" should be permissive enough, but if you like to change that, you need to define a function validateUsernameRegex which returns ".+"
That would require a /conf/bootstrap.before.php file where you put that simple function:
<?php function validateUsernameRegex() { return '.*'; }Seems like you are right and I thought that the following declaration
would do the trick but it doesn't. Looks like such basic character like "-" is still not allowed.
However, it seems like adding extra \W do the job as it does accept characters like *-+=)