Is check_username triggered before or after the database validation? I am not able to check it now.
Marin On Thu, Mar 29, 2012 at 10:46 PM, Anthony <[email protected]> wrote: > Oops, right. In that case, I would reverse the if/else. > > > On Thursday, March 29, 2012 4:11:13 PM UTC-4, Detectedstealth wrote: >> >> Yes I think you are correct, your solution is cleaner and explains the >> problem. However the last character would still need to be removed so your >> solution would need to be changed to: >> >> def check_username(form): >> if not form.vars.username.en**dswith('R') >> form.errors.username = '**Invalid username' >> else: >> form.vars.username = forms.vars.username[:-1] >> >> auth.settings.login_**onvalidation = [check_username**] >> >> Or is there a different way to handle that? >> >> On Thu, Mar 29, 2012 at 1:01 PM, Anthony <[email protected]> wrote: >> >>> I just used the following because I don't want their login to succeed if >>>> they enter no character IE: 0000012 the real username without the character >>>> should also fail. >>>> >>>> if request.args(0) == 'login' and request.post_vars.username: >>>> login_char = request.post_vars.username[-1] >>>> if login_char == 'R': >>>> request.post_vars.username = request.vars.username = >>>> request.post_vars.username[:-**1**] # remove last character >>>> else: >>>> request.post_vars.username = request.vars.username = >>>> request.post_vars.username + 'X' >>>> >>> >>> Actually, Marin's original solution would already protect against >>> entering the real username without the extra character because it stripped >>> the last character, which would therefore not match the username in the db. >>> The problem was that it would succeed with any extra character at the end, >>> not just with 'R'. Your solution above handles that problem, though I think >>> the onvalidation solution is simpler and more straightforward (and it >>> enables you to emit a custom error message for the particular case where >>> the last character is incorrect if desired). >>> >>> Anthony >>> >>> >> >> >> >> -- >> -- >> Regards, >> Bruce Wade >> http://ca.linkedin.com/in/**brucelwade<http://ca.linkedin.com/in/brucelwade> >> http://www.wadecybertech.com >> http://www.warplydesigned.com >> http://www.**fitnessfriendsfinder.com<http://www.fitnessfriendsfinder.com> >> >
