<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.6000.16525" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>I am looking to alter the main user module to
prevent more non-alphanumeric characters than drupal does by default. I added,
as you can see, a line to prevent underscores as we have a mash up with
Mediawiki and underscores cause a major headache. I did so by disallowing
unicode character 005F which is a standard underscore, and I emphasise
"standard" here: there are about 3 other underscore characters!</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Is there a simple way of disallowing accented
characters which also throw a spanner in the mediawiki machinery? I suppose I
could always use the admin/access rules to do this. Maybe it's better than
further hacking core. I had little choice with underscore because underscore is
for some reason used as a wildcard character in access rules so I had to add it
here:</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>/**<BR> * Verify the syntax of the given
name.<BR> */<BR>function user_validate_name($name) {<BR> if
(!strlen($name)) return t('You must enter a username.');<BR> if
(substr($name, 0, 1) == ' ') return t('The username cannot begin with a
space.');<BR> if (substr($name, -1) == ' ') return t('The username cannot
end with a space.');<BR> if (strpos($name, ' ') !== FALSE) return
t('The username cannot contain multiple spaces in a row.');<BR> if
(ereg("[^\x80-\xF7 [:alnum:]@_.-]", $name)) return t('The username contains an
illegal character.');<BR> if
(preg_match('/[\x{80}-\x{A0}'.
// Non-printable ISO-8859-1 +
NBSP<BR>
'\x{AD}'.
//
Soft-hyphen<BR>
'\x{2000}-\x{200F}'. // Various space
characters<BR>
'\x{2028}-\x{202F}'. // Bidirectional text
overrides<BR>
'\x{205F}-\x{206F}'. // Various text hinting
characters<BR>
'\x{FEFF}'.
// Byte order
mark<BR>
'\x{005F}'.
//
Underscore<BR>
'\x{FF01}-\x{FF60}'. // Full-width
latin<BR>
'\x{FFF9}-\x{FFFD}'. // Replacement
characters<BR>
'\x{0}]/u',
// NULL
byte<BR>
$name)) {<BR> return t('The username contains an illegal
character.');<BR> }<BR> if (strpos($name, <A
href="mailto:'@'">'@'</A>) !== FALSE && !eregi(<A
href="mailto:'@([0-9a-z](-?[0-9a-z])*.)+[a-z]{2}([zmuvtg]|fo|me)?$'">'@([0-9a-z](-?[0-9a-z])*.)+[a-z]{2}([zmuvtg]|fo|me)?$'</A>,
$name)) return t('The username is not a valid authentication ID.');<BR> if
(strlen($name) > USERNAME_MAX_LENGTH) return t('The username %name is too
long: it must be %max characters or less.', array('%name' => $name, '%max'
=> USERNAME_MAX_LENGTH));<BR>}</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I mentioned a similar problem to this on this
mailing list a few months ago and I had people coming back to me with ways in
which the above code was not done very well. Of particular interest was this
line:</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2> if (ereg("[^\x80-\xF7 [:alnum:]@_.-]",
$name)) return t('The username contains an illegal character.');</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>As I say, this is the core user.module so this is
on every drupal site out there. What does this line do and is it indeed coded
poorly? In an ideal world, I would like to allow ONLY a-z, 0-9 and hyphens and
that's it! I may even offer a project on the forum to rewrite this part of the
module to allow only those characters. It seems better than disallowing a whole
raft of other characters - to allow only a, b and c, so to speak.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Mashing up drupal and mediawiki causes so many
headaches when it comes to allowable usernames and there's always that one tenth
of a percent who absolutely MUST HAVE their username as @@|||||||| - -
*_The__<<Big>>__Lebowski_||* - - |||||||||@@</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>if anyone puts that into mediawiki, our server will
go up in smoke.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Neil</FONT></DIV></BODY></HTML>