On Tue, Dec 28, 2010 at 22:02, Joshua Kehn <josh.k...@gmail.com> wrote:
> Trim usernames but not passwords.
> Some people put spaces at the beginning and end of their passwords. Double
> confirm and don't mess with the input otherwise they tend to get confused.
>

How about:

if ($trimmedUsername != $username){
    trim($password);
}

I suppose that it is reasonable to assume (ha!) that if one was
copy-pasted with spaces, so would the other. Naive, I know, too bad I
don't dare start logging raw data to determine how true this might or
might not be.

Maybe I will start anonymising the data on the client, testing for
this, then logging it to a separate database with no correlation to
the users. Interesting it will be, at least.

-- 
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to