I changed the type to "<field name="admin_user" type="username" ... " but it doesn't stops me from choosing '&&&&' as admin_user. Will I be doing something wrong?

same result as @framontb

Once you hit the next button the validation should kick in and remove those characters

so no warning for the user that is admin username changed?

@andrepereiradasilva yup, and that's not good for UX point of view

Seriously guys try to test and think a little before rushing to a PR.

This configuration:
<field name="admin_user" type="text" id="admin_user" class="inputbox validate-username"
label="INSTL_ADMIN_USER_LABEL"
required="true"
filter="username"
/>
works for me in the way you say @dgt41 . It removes the "bad characters" and go ahead. The user get advised because the text box change to red... but I think it should not go ahead to second step.
Perhaps could you merge your javascript solution with the rule I did? So the registration don't go to second step without a good username.

This is not working as expected because javascript code clean "wrong" characters in admin_user field, so they never reach the server after next-button is pressed. So the rule in server side never applies. It seems time to make a decision?:

• Better javascript solution (intrusive)
• Better php rule in server side solution (non intrusive)
• Modifying javascript for non changing the admin_user field but alert.

EDIT: true solution could be remove the filter="username" tag in field. So the field is not filtered but the javascript code warning turning the box red, and php rule works.
EDIT 2: and of course add this tag: validate="installation.username", so the rule applies.
EDIT 3: @dgt41 what do you think about?

I have tested this item ? unsuccessfully on ae26aeb

I have used same credentials which you provided for login. I have successfully login in administrator.

I have tested this item ? unsuccessfully on ae26aeb

I have tested with https://github.com/joomla/joomla-cms/archive/staging.zip using username and password given in your test instructions while installing joomla.
Admin-User: S9nFA7N7x7tL}jXOJqIx&vQk3jSF
JAdmin-Pass: msevXL0Stl,BV7szpufhMwo10^IV8SRs

Using the same username and password I was able to login in backend after installing joomla.

Tried with your https://github.com/dgt41/joomla-cms/archive/admin_username.zip and did the same. No difference with joomla staging branch and your admin_username branch.

I have created two video for the same.
With Joomla staging: https://youtu.be/YS0eSZRqRDQ
With your branch admin_username: https://youtu.be/skolh5i_FIc

Thanks.

Sorry @dgt41 please ignore my previous test. I have logged it successfully now and this test is success for.

Using joomla staging branch when I am installing with following,
Admin-User: S9nFA7N7x7tL}jXOJqIx&vQk3jSF
JAdmin-Pass: msevXL0Stl,BV7szpufhMwo10^IV8SRs

After installation complete I am not able to login.

When I am using your branch admin_username i.e. your patch works successfully and it filters characters which are not valid.

Thanks for fixing this issue.

I have tested this item ✅ successfully on ae26aeb

I am sorry, I have tested again and found it successful. I misunderstood { and & character. It is counting { as valid but & as invalid character.

Thanks, it works for me so this patch is tested successfully.

One weird thing is that I am choosing username S9nFA7N7x7tL}jXOJqIx&vQk3jSF while login. Notice & is still in username and I am able to login with username having & in it while during installation & was already filtered out.
Still second thought in my mind that this is a valid test or now.

I have tested this item ✅ successfully on ae26aeb

@dgt41 I am not sure why but travis is not happy ?

@dgt41 @gunjanpatel

CS error found by Mr. Travis ;)

FILE: ...home/travis/build/joomla/joomla-cms/installation/form/rule/username.php
--------------------------------------------------------------------------------
FOUND 1 ERROR(S) AFFECTING 1 LINE(S)
--------------------------------------------------------------------------------
 29 | ERROR | Expected 1 blank line before member var; 0 found
--------------------------------------------------------------------------------
UPGRADE TO PHP_CODESNIFFER 2.0 TO FIX ERRORS AUTOMATICALLY
--------------------------------------------------------------------------------

This PR has received new commits.

CC: @bhavikTailored, @gunjanpatel

I have tested this item ✅ successfully on c278ba8

Setting RTC as we have two successful tests.
Thanks.

Removing the RTC label here because I don't think this PR is complete.

There should be a message to the user the username is invalid instead of just cleaning it without notice. The same way as the password field works.

As for my test, I don't see the username being cleaned. I did see it happen once but not anymore after clicking Next and back a few times. It will only highlight the field as incorrect when you focus out of the field.

Now I found out something else doing the following:
1. I copy-pasted your username into the field
2. Ignored the error
3. Clicked Next
4. Click back and see the ) is stripped out
5. Add the ) back into the username
6. Click Next
7. Click Back
8. Notice the ) is still there

@roland-d since there is another PR for ajaxifying this field, is this still relative or should I just close it?

@dgt41 Does the other PR also touch the installation part? If so, I guess we can close this one.

@roland-d I have no clue, also I don't know if the checks are only if the name exists or more specific if the name doesn't contain illegal characters. I guess I'll have to test that...