1 (edited by Gary13579 2006-04-20 04:06)

Topic: Eeek! Multiple usernames

Heh, long time no see smile

I've discovered a bug which allows more then one of the same username.
Example: I could immatate Rickard's account by registering as & # 0052;ickard. (remove spaces)

Edit: Opps, that would be 4ickard... But you get the point. Just change the unicode character.

Indocron
$theQuestion = (2*b) || !(2*b);

Re: Eeek! Multiple usernames

Wow really? Interesting, i might need to look into this.

3

Re: Eeek! Multiple usernames

http://img240.imageshack.us/img240/2784/bug3vu.png
Yep, it's a bug. But you do not herit of the group of the previous user. A good point smile

Re: Eeek! Multiple usernames

Is this at all related? http://punbb.org/forums/viewtopic.php?id=9962

Looking for a certain modification for your forum? Please take a look here before posting.

Re: Eeek! Multiple usernames

Yup, it is. Seems someone already found it.
Now to figure out how to stop forum members from abusing it...

Indocron
$theQuestion = (2*b) || !(2*b);

Re: Eeek! Multiple usernames

Try using html_entity_decode() on your input smile