Why Am I Doing This?
Onideus Mad Hatter
for use in user registration, when suddenly it occurred to me...why
not allow most of these characters for usernames and passwords? I
mean obviously you don't want to allow things like < > and the like,
which are used in code, but what about things like ~ @ # $ %, I don't
see how they could be used for an exploit, and other than preventing
people from making weird l33t spe@k names it seems pretty pointless.
And on the password end of things it seems like it would actually be a
*GOOD* thing to allow those extra characters.
So anyway, I don't think I'll get too crazy with it.
On a related up note, it occurred to me, that since I'm building this
thing in Flash...I don't need to use any sort of captcha! LOL, bots
can't actually directly access Flash controls like they can with HTML.
You would need to take and decompile the Flash file itself to setup
any sort of bot, but then if you include domain verification then even
that won't work for them. ^__^
--
Onideus Mad Hatter
mhm ą x ą
http://www.backwater-productions.net
http://www.uncensored-inter.net
Hatter Quotes
-------------
"Freedom, true freedom, is nothing more than intellectual advantage over others."
"When I listen to people I don't really listen to what it is they're
saying, so much as what they're saying it for."
"Don't ever fuck with someone who has more creativity than you do."
"You're only one of the best if you're striving to become one of the
best."
"I didn't make reality, Sunshine, I just verbally bitch slapped you
with it."
"I'm not a professional, I'm an artist."
"Usenet Filters - Learn to shut yourself the fuck up!"
"Drugs killed Jesus you know...oh wait, no, that was the Jews, my
bad."
"The more I learn the more I'm killing my idols."
"Is it wrong to incur and then use the hate ridden, vengeful stupidity
of complete strangers in random Usenet froups to further my art?"
"Freedom is only a concept, like race it's merely a social construct
that doesn't really exist outside of your ability to convince others
of its relevancy."
"Next time slow up a lil, then maybe you won't jump the gun and start
creamin yer panties before it's time to pop the champagne proper."
"Reality is directly proportionate to how creative you are."
"People are pretty fucking high on themselves if they think that
they're just born with a soul. *snicker*...yeah, like they're just
givin em out for free."
"How sad that you're such a poor judge of style that you can't even
properly gauge the artistic worth of your own efforts."
"Those who record history are those who control history."
"I am the living embodiment of hell itself in all its tormentive rage,
endless suffering, unfathomable pain and unending horror...but you
don't get sent to me...I come for you."
"Ideally in a fight I'd want a BGM-109A with a W80 250 kiloton
tactical thermonuclear fusion based war head."
"Tell me, would you describe yourself more as a process or a
function?"
"Apparently this group has got the market cornered on stupid.
Intelligence is down 137 points across the board and the forecast
indicates an increase in Webtv users."
"Is my .sig delimiter broken? Really? You're sure? Awww,
gee...that's too bad...for YOU!" `, )
PerfectReign
> So, for one of my sites I started building a text sanitizing function
> for use in user registration, when suddenly it occurred to me...why
> not allow most of these characters for usernames and passwords? I
> mean obviously you don't want to allow things like < > and the like,
> which are used in code, but what about things like ~ @ # $ %, I don't
> see how they could be used for an exploit, and other than preventing
> people from making weird l33t spe@k names it seems pretty pointless.
> And on the password end of things it seems like it would actually be a
> GOOD thing to allow those extra characters.
Actually, text sanitizing should allow for whatever you want. I pretty much
allow whatever - incluidng <>"' - and then just wrap it. Pretty fucking
easy, IMO.
If someone wants the username like: god's <wrath> If they want teh password
to be: "drop all" then that's fine.
--
www.perfectreign.com
Clean out a corner of your mind and creativity will instantly fill it. - Dee
Hock
Onideus Mad Hatter
<theperf...@yahoo.com> wrote:
>Onideus Mad Hatter turned on the Etch-A-Sketch and wrote:
>
>> So, for one of my sites I started building a text sanitizing function
>> for use in user registration, when suddenly it occurred to me...why
>> not allow most of these characters for usernames and passwords? I
>> mean obviously you don't want to allow things like < > and the like,
>> which are used in code, but what about things like ~ @ # $ %, I don't
>> see how they could be used for an exploit, and other than preventing
>> people from making weird l33t spe@k names it seems pretty pointless.
>> And on the password end of things it seems like it would actually be a
>> GOOD thing to allow those extra characters.
>
>Actually, text sanitizing should allow for whatever you want. I pretty much
>allow whatever - incluidng <>"' - and then just wrap it. Pretty fucking
>easy, IMO.
>
>If someone wants the username like: god's <wrath> If they want teh password
>to be: "drop all" then that's fine.
I've decided for passwords I'll allow anything, whilst for usernames
I'll allow these, mostly for fun:
http://www.backwater-productions.net/_images/_Usenet/Web_Design_-_Allowed.png
PerfectReign
>>If someone wants the username like: god's <wrath> If they want teh
>>password to be: "drop all" then that's fine.
>
> I've decided for passwords I'll allow anything, whilst for usernames
> I'll allow these, mostly for fun:
>
http://www.backwater-productions.net/_images/_Usenet/Web_Design_-_Allowed.png
>
Only those?
LOL!
§ñühw¤£f
> Onideus Mad Hatter turned on the Etch-A-Sketch and wrote:
>
>>>If someone wants the username like: god's <wrath> If they want teh
>>>password to be: "drop all" then that's fine.
>>
>> I've decided for passwords I'll allow anything, whilst for usernames
>> I'll allow these, mostly for fun:
>>
> http://www.backwater-productions.net/_images/_Usenet/Web_Design_-_Allo
> wed.png
>>
>
> Only those?
>
> LOL!
>
<snarf>
--
Last night while sitting in my chair
I pinged a host that wasn't there
It wasn't there again today
The host resolved to NSA.
stermen
"Onideus Mad Hatter" <use...@backwater-productions.net> ha scritto nel
messaggio news:c5pjr41i19r3p0oq6...@4ax.com...
> So, for one of my sites I started building a text sanitizing function
> for use in user registration, when suddenly it occurred to me...why
> not allow most of these characters for usernames and passwords? I
> mean obviously you don't want to allow things like < > and the like,
> which are used in code, but what about things like ~ @ # $ %, I don't
> see how they could be used for an exploit, and other than preventing
> people from making weird l33t spe@k names it seems pretty pointless.
> And on the password end of things it seems like it would actually be a
> *GOOD* thing to allow those extra characters.
>
> So anyway, I don't think I'll get too crazy with it.
>
> On a related up note, it occurred to me, that since I'm building this
> thing in Flash...I don't need to use any sort of captcha! LOL, bots
> can't actually directly access Flash controls like they can with HTML.
> You would need to take and decompile the Flash file itself to setup
> any sort of bot, but then if you include domain verification then even
> that won't work for them. ^__^
>
> --
>
> Onideus Mad Hatter
> mhm � x �