>>>>> "bill" == bill <bill@daze.net> writes:
bill> We learned what was acceptable characters in an OpenSRS password
bill> the hard way. The supplied validation in the scripts (note this
bill> may have changed on the latest version of the scripts) didn't
bill> actually validate to what was acceptable, it was only when the
bill> attempt to submit the order OpenSRS did we find the problems.
bill> I actually found the acceptable values for the password field at
bill> domaindirect.com, from their signup form:
bill> "Login has to contain 6 to 20 characters. Alphabetical
bill> characters and numbers only! Do not use dots, commas, dashes,
bill> forward slashes or spaces."
Hmm. That seems to refer to reg_username, not reg_password.
Also, the minimum for reg_username in general is less than 6 chars. I
know four works.
The current code (2.0a aka 2.0.1) has this in reg_system:
> } elsif ($reg_username !~ /^[a-z0-9]{3,}$/) {
> error_out("Invalid syntax for registration username. " .
> "Allowable characters are a - z and 0 - 9.\n");
(Edited to fit in 80 cols and still be valid Perl.)
So it is looking for at least 3 chars, and no [A-Z]!
No checks are done on reg_password, other than equality with
confirm_password.
doc/field_list indicates that reg_username and reg_password max out at
20 chars, name and address fields at 64, state and postal_code at 32,
phone and fax at 20 and email and url at 255.
-JimC
--
James H. Cloos, Jr. <URL:http://jhcloos.com/public_key> 1024D/ED7DAEA6
<cloos@jhcloos.com> E9E9 F828 61A4 6EA9 0F2B 63E7 997A 9F17 ED7D AEA6
Save Trees: Get E-Gold! <URL:http://jhcloos.com/go?e-gold>
This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:35:27 EDT