#13159 closed defect (bug) (fixed)
Admin username diacritics silently stripped at install
Reported by: | Jbb | Owned by: | dd32 |
---|---|---|---|
Milestone: | 3.0 | Priority: | high |
Severity: | critical | Version: | 3.0 |
Component: | Upgrade/Install | Keywords: | needs-patch |
Focuses: | Cc: |
Description
- Fresh install of WP trunk
- For the admin username, enter some diacritic. For example, Jérémie
- All goes well it seems
- Can't log in with that user
But in the users SQL table, the login name registered is: Jrmie
Login name should accept most unicode glyphs, especially well unique and used diacritic. A help button at registration should explain the rules of login taxonomy (what's allowed, what's not). And it should never ever alter the login in any way without warning the user.
Change History (10)
#1
@
14 years ago
- Component changed from General to Administration
- Milestone changed from Unassigned to 3.0
- Priority changed from normal to high
#2
@
14 years ago
- Component changed from Administration to Upgrade/Install
- Keywords needs-patch added
- Owner set to dd32
#4
@
14 years ago
We have very little poka yoke in the install form. I think for now we should just make sure they know we're going to sanitize their username to a certain set of characters. Could simply be some text we add.
#7
@
14 years ago
- Resolution set to fixed
- Status changed from new to closed
I think this one is good.
#8
@
14 years ago
- Resolution fixed deleted
- Status changed from closed to reopened
What about self registration, or manually adding user? Shouldn't the warnings & explanations be there too?
Also, in your textual description of what's OK as a login, maybe you could say if login are case sensitive or not?
Just my 2 cents.
#9
@
14 years ago
- Resolution set to fixed
- Status changed from reopened to closed
They're insensitive, so I don't think we need to specify that. (If they were case-sensitive, then I'd include that.)
We can handle the other aspect in another ticket (which you're more than welcome to open). I think the install aspect was most important, especially since we just added that in 3.0 and did not display the sanitized username once WP was installed.
Thanks for the various keywords and fields update. It's my first involvement, I didn't want to assign wrong values.
I've done further testing. It's not only at install, even when manually adding a user through WP backend (Users->Add New) it's the same thing (silently strip diacritic).