[#9867] - Why site Admin has no control on limitation for "username" filed in com_users component?
- Closed
- 16 Apr 2016
- Medium
- Build: master
- # 9867
Steps to reproduce the issue
On any Joomla website, register a new account, you can use any character, even UTF-8 words for "username", even in any length!
Expected result
We should have some control on "username" field.
Actual result
But we do not have any limitation on "username" field.
System information (as much as possible)
not related to server enviroment.
Additional comments
Don't you care about "username" field? Maybe most of the developers here are speaking English. But for those Joomla websites in other languages, such as Chinese language, sometimes, we Admin do NOT want to allow usernames in other languages except English.
However, Joomla CMS does NOT offer any control on limitation for "username" field in com_users component, like "username minimal length", or "allowed characters in username".
For example, people can even register a username like "a", only ONE letter!
The worse is, if the visitor can register a username in Chinese (or any other UTF-8 Multi-byte language), then it is very difficult to generate SEF urls for his profile page.
What I want is:
Only allows AlphaNumeric characters, and dash (-) and underline (_) characters in username. ANY other character will be regarded invalid and rejected when registering.
Could you please improve the com_users component of Joomla CORE to implement such an limitation rule?
Thank you.
Actually I fully understand this request - especially after my presentations on "Whats my name" https://www.youtube.com/watch?v=P0m1hqyQlTQ
It makes perfect sense to me and I agree that this would be an improvement
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9867.
| Milestone |
Added: |
||
| Status | New | ⇒ | Confirmed |
| Labels |
Added:
?
|
||
| Milestone |
Added: |
||
| Category | ⇒ | Feature Request |
I would look at creating something very similar to the password validation options /Applications/MAMP/htdocs/featured/libraries/cms/form/rule/password.php
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9867.
@Bakual : Unfortunately, there is NO such a plugin can do this. I had already searched JED for many times in recent YEARS, but never find a plugin can do this.
Big components such as Community Builder has similar feature to limit "username" field, if this field was created by CB itself. But, why I need to install such a big component when I just want to limit the username pattern ? So the answer is still "no".
Hope someone will add this feature to Joomla core.
Thank you.
So this seems to me that what you're asking is a new rule for validating the username field in the same logic like the one that exist in password field.
- https://github.com/joomla/joomla-cms/blob/staging/libraries/cms/form/rule/password.php
- https://github.com/joomla/joomla-cms/blob/staging/administrator/components/com_users/config.xml#L132-L173
- https://github.com/joomla/joomla-cms/blob/staging/administrator/components/com_users/models/forms/user.xml#L23
Thats what I am thinking
If you want to add that, you would have to make it optional. Because a username like "Thomas Hunziker" is perfectly fine for most sites, as well as "André" or "Hämpu" or "email@domain.com".
Yes that is why I suggested doing it just like the password rules we added
that by default have no effect on an existing site and a site owner would
have to make a setting before anything would change.
On 12 April 2016 at 12:17, Thomas Hunziker notifications@github.com wrote:
If you want to add that, you would have to make it optional. Because a
username like "Thomas Hunziker" is perfectly fine for most sites, as well
as "André" or "Hämpu" or "email@domain.com".—
You are receiving this because you commented.
Reply to this email directly or view it on GitHub
#9867 (comment)
Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
http://brian.teeman.net/
Yes, this new feature should be "optional". Maybe some Admin would like to allow empty spaces in "username" value, but I personally do not want it, I perfer to replace empty space character with _ or - characters.
Just my two cents: shouldn't we reconsider the whole registration/(user)name stuff at all. For example email and password confirmation or using a username at all is very "old school" today. A lot "modern" pages offers a very short registration form: name/email/(some: confirm email)/password (one time). The username is replaced by the email, password has to insert just once etc.
If we rebuild the username stuff, perhaps we can rebuild the whole process and have a more flexible registration form in the core (at the moment I have to override the whole form with a plugin)
I think that is a topic for another time and not in this issue - perhaps
for Joomla 4
On 12 April 2016 at 16:40, Benjamin Trenkle notifications@github.com
wrote:
Just my two cents: shouldn't we reconsider the whole
registration/(user)name stuff at all. For example email and password
confirmation or using a username at all is very "old school" today. A lot
"modern" pages offers a very short registration form: name/email/(some:
confirm email)/password (one time). The username is replaced by the email,
password has to insert just once etc.
If we rebuild the username stuff, perhaps we can rebuild the whole process
and have a more flexible registration form in the core (at the moment I
have to override the whole form with a plugin)—
You are receiving this because you commented.
Reply to this email directly or view it on GitHub
#9867 (comment)
Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
http://brian.teeman.net/
my2cent: The core should not care about features which are not necessary and can be easily realised via 3rd party plugins.
This is very necessary if you watch the video I linked to.
On 12 April 2016 at 17:49, chmst notifications@github.com wrote:
my2cent: The core should not care about features which are not necessary
and can be easily realised via 3rd party plugins. I—
You are receiving this because you commented.
Reply to this email directly or view it on GitHub
#9867 (comment)
Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
http://brian.teeman.net/
But if you know of a plugin that will allow username restrictions such as
character set etc then please post here
On 12 April 2016 at 17:59, Brian Teeman brian@teeman.net wrote:
This is very necessary if you watch the video I linked to.
On 12 April 2016 at 17:49, chmst notifications@github.com wrote:
my2cent: The core should not care about features which are not necessary
and can be easily realised via 3rd party plugins. I—
You are receiving this because you commented.
Reply to this email directly or view it on GitHub
#9867 (comment)Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
http://brian.teeman.net/
Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
http://brian.teeman.net/
At the moment I don't know of a plugin and maybe it is because there is no urgent need?
I agree that the feature is useful. But I also think that we should keep the core slim. It's always juggling.
We are talking about one (possibly) two files and a few optional parameters
On 12 April 2016 at 18:11, chmst notifications@github.com wrote:
At the moment I don't know of a plugin and maybe it is because there is no
urgent need?
I agree that the feature is useful. But I also think that we should keep
the core slim. It's always juggling.—
You are receiving this because you commented.
Reply to this email directly or view it on GitHub
#9867 (comment)
Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
http://brian.teeman.net/
It should be possible easily with a plugin to check the username Server-Side after the form is sent. I'm surprised there is no such plugin available.
I think you can't add Client-Side (JavaScript) validation using a plugin. At least it's harder to do.
| Labels |
Added:
?
|
||
Maybe AJAX validation can make it faster?
2016-04-13 2:05 GMT+08:00 Thomas Hunziker notifications@github.com:
It should be possible easily with a plugin to check the username
Server-Side after the form is sent. I'm surprised there is no such plugin
available.
I think you can't add Client-Side (JavaScript) validation using a plugin.
At least it's harder to do.—
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub
#9867 (comment)
seems to me a valid request, if someone has time to code it, go for it, I would press the merge button if it is ready and tested :-)
and the benefit of this proposal will be... ?
I think the premise is wrong:
we Admin do NOT want to allow usernames in other languages except English
We admin who?
Any (valid) issue such as using usernames in URLs should be handled differently (like e.g. not using user names at all in URLs and file names, also for security reasons)
If you have such a will and need, no problem, you can roll your own plugin for that. Others may have very different needs from yours...
... my 2c ...
Edit: Admittedly for a special case, but here is a plugin for imposing restrictions on usernames (that can probably be used as a starting point for something "custom"): http://www.joomdle.com/download/category/27-plugins-additional
Edit 2: At least one of my sites will be broken by such a "feature" probably together with numerous more as "email for username" seems to to be quite a popular plugin category
Actually a plugin appoach is possible: https://github.com/joomla/joomla-cms/blob/staging/libraries/joomla/user/user.php#L778-L788
Maybe we could add something like for password in the user's config: https://github.com/joomla/joomla-cms/blob/staging/administrator/components/com_users/config.xml#L132-L173
to:
- minimal length
- limit character
- ...
Yes, possible, and IMHO it belongs to here: https://github.com/joomla-extensions/
(I was so happy when the roadmap announced a Weight Watchers (tm) cure for Joomla...)
I did implement a 'usernamecheck' plugin and a PR: Issue 9943
First time I contribute... thought the PR should appear here but...
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9867.
Thank you framontb , hope you will polish your code to perfectly solve this
issue.
Maybe you can add a new option to "reserve some strings", for example, do
not allow registration for "CEO", "administrator", "president", "f**k".
2016-04-16 7:04 GMT+08:00 framontb notifications@github.com:
I did implement a 'usernamecheck' plugin and a PR: Issue 9943
https://issues.joomla.org/tracker/joomla-cms/9943First time I contribute... thought the PR should appear here but...
This comment was created with the J!Tracker Application
https://github.com/joomla/jissues at issues.joomla.org/joomla-cms/9867
https://issues.joomla.org/tracker/joomla-cms/9867.—
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub
#9867 (comment)
| Status | Confirmed | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2016-04-16 06:23:51 |
| Closed_By | ⇒ | brianteeman |
Please see #9943
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9867.
joomla-cms-bot
- | Status | Closed | ⇒ | New |
| Closed_Date | 2016-04-16 06:23:51 | ⇒ | |
| Closed_By | brianteeman | ⇒ |
| Status | New | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2016-04-16 06:26:59 |
| Closed_By | ⇒ | brianteeman |
@brianteeman can you remove the milestone here this is just a issue?
| Milestone |
Removed: |
||
You should be able to do that using a plugin. Maybe there even are already such plugins available on JED.
Personally I don't see the need for this in core.