[pLog-svn] username validator 1.2.7 issue

Mark Wu markplace at gmail.com
Thu Apr 10 05:14:05 EDT 2008


Yes, we allowed  these characters before ....

I don't think there available any good regexp for this.

A better way is use stringvalidate to replased with it  but filterd all HTML
& javascript....

I think it should solve his Problem.

Mark

> -----Original Message-----
> From: plog-svn-bounces at devel.lifetype.net 
> [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of Jon Daley
> Sent: Thursday, April 10, 2008 3:54 PM
> To: LifeType SVN
> Subject: [pLog-svn] username validator 1.2.7 issue
> 
> So, apparently, people have been able to create invalid 
> usernames and we never noticed.
> 
> I am not sure what the best solution is.  Anyone have a 
> regexp that would work for international characters, but try 
> to avoid some SQL exploit issues?
> 
> http://forums.lifetype.net/viewtopic.php?f=7&t=8961&p=42053
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://limedaley.com/mailman/listinfo/plog-svn
> 



More information about the pLog-svn mailing list