Cool! Thanks for the fixes. Please send me a pull request so I can check out the changes and get them merged in.

Take care,
Bruno

On Mon, Jun 8, 2009 at 5:58 PM, Barry Paul <[email protected]> wrote:
>
> I had a couple of problems with CE's (very liberal!) login validation.
> People were signing up with numeric usernames like 0099345. This
> passed the rails validation but would choke when the user logged in on
> the overridden user::find method. This find method is very useful in
> that it allows you to find by either a username or id but, in the case
> above, it interpreted the login as an id and couldn't find the user.
> Anyway, to bring it all into line I made the following changes which
> may be useful to others:
>
> I changed the validation to:
>
>   validates_format_of :login, :with => /^[A-Za-z0][ A-Za-z0-9_-]+$/
>
> This means that logins must begin with a letter or 0 and they can
> contain any number of letters, numbers, _ , - , or spaces. The old
> validation allowed logins to begin with any number or any whitespace
> characters. It also allowed whitespace characters such as TAB and
> RETURN in the login.
>
> I also made a small change to the find method in order to recognize
> that numeric logins beginning with '0' are not ids:
>
>   # override activerecord's find to allow us to find by name or id transparently
>   def self.find(*args)
>     logger.info args.first
>     if args.is_a?(Array) and args.first.is_a?(String) and
>        (args.first.index(/[a-zA-Z\-_]+/) or args.first.index('0') == 0 or
>         args.first.to_i.eql?(0) )
>       find_by_login_slug(args)
>     else
>       super
>     end
>   end
>
> All these changes are in user.rb
>
> Cheers,
>
> --
> Barry
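
Added example (not part of the original thread and not CommunityEngine code): a plain-Ruby check of the posted login pattern and the posted find condition against constructed logins, including one with an embedded newline. ANCHORED, routed_as_login?, report and SAMPLES are names assumed here; ANCHORED swaps Ruby's line anchors (^, $) for whole-string anchors (\A, \z).

```ruby
# Added example: plain Ruby, no Rails required.
# POSTED is the pattern from the message; ANCHORED is an assumed variant
# using whole-string anchors (\A, \z) instead of line anchors (^, $).
POSTED   = /^[A-Za-z0][ A-Za-z0-9_-]+$/
ANCHORED = /\A[A-Za-z0][ A-Za-z0-9_-]+\z/

# Mirrors the condition in the posted find override: true means the
# argument is treated as a login slug, false means it falls through to
# the id lookup.
def routed_as_login?(arg)
  return false unless arg.is_a?(String)
  !!(arg.index(/[a-zA-Z\-_]+/) || arg.index('0') == 0 || arg.to_i.eql?(0))
end

# Constructed sample logins (not taken from any real system).
SAMPLES = ["barry", "0099345", "99345", "\tbarry", "barry paul",
           "barry\nsecond line"]

# One row per sample: does each pattern accept it, and how would the
# find condition route it?
def report(samples = SAMPLES)
  samples.map do |login|
    { login: login,
      posted: !!(login =~ POSTED),
      anchored: !!(login =~ ANCHORED),
      as_login: routed_as_login?(login) }
  end
end

if __FILE__ == $PROGRAM_NAME
  report.each do |r|
    puts format("%-22s posted=%-5s anchored=%-5s routed_as_login=%s",
                r[:login].inspect, r[:posted], r[:anchored], r[:as_login])
  end
end
```

In Ruby, ^ and $ match at every line boundary, so the posted pattern accepts a value as soon as any one line of it is a valid login; the \A...\z form rejects the newline case while treating the other samples the same way.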
