On Tue, Dec 28, 2010 at 22:02, Joshua Kehn <[email protected]> wrote:
> Trim usernames but not passwords.
> Some people put spaces at the beginning and end of their passwords. Double
> confirm and don't mess with the input otherwise they tend to get confused.
>
How about:
if ($trimmedUsername != $username){
trim($password);
}
I suppose that it is reasonable to assume (ha!) that if one was
copy-pasted with spaces, so would the other. Naive, I know, too bad I
don't dare start logging raw data to determine how true this might or
might not be.
Maybe I will start anonymising the data on the client, testing for
this, then logging it to a separate database with no correlation to
the users. Interesting it will be, at least.
--
Dotan Cohen
http://gibberish.co.il
http://what-is-what.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
