On Dec 28, 2010, at 3:23 PM, Dotan Cohen wrote:
> On Tue, Dec 28, 2010 at 22:02, Joshua Kehn <josh.kehn@xxxxxxxxx> wrote:
>> Trim usernames but not passwords.
>> Some people put spaces at the beginning and end of their passwords. Double
>> confirm and don't mess with the input otherwise they tend to get confused.
>>
>
> How about:
>
> if ($trimmedUsername != $username){
> trim($password);
> }
>
> I suppose that it is reasonable to assume (ha!) that if one was
> copy-pasted with spaces, so would the other. Naive, I know, too bad I
> don't dare start logging raw data to determine how true this might or
> might not be.
Educate the users, don't compromise the system. Either go full on and trim everything (I don't recommend this) or trim nothing. Be consistent in which one you pick.
Regards,
-Josh
____________________________________
Joshua Kehn | Josh.Kehn@xxxxxxxxx
http://joshuakehn.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
