tags:

views:

103

answers:

3
Q: 

Disallow user's last name in username

Using the Django framework, I've built a user-based web application. After some time, my client requested that the application disallow creating usernames that contain users' last names.

I have two questions:

  1. Is it possible to do this reliably, always catching someone trying to register a username containing their last name, which is also present as a sign-up field? (My understanding and experience is that users can easily subvert this and still make the username look like their last name just by adding special characters or integers.)

  2. What would be the best way to do this?

A: 

I don't think you can accomplish this withoud knowing their last name first. For example if I can make my username:

joevasquez OR jvasquez OR vasquezj OR vasquez...

There are no rules on what constitutes someome's last name. What if someone's last name is joe? It's not like filtering swearwords.

What is the reason behind this request? If it's privacy you can inform the user, but I don't think you can stop people from using their last names.

jobscry  2009-09-06 19:25:32
whoops, forgot their last name is in the registration. cpharmston's spot on.
jobscry  2009-09-06 19:43:21
The reason is privacy, and I think in the end it might be better to go with a social solution and inform the user upfront than to rely on a programming technique and show them errors.
 2009-09-06 22:09:41
+3  A: 

Try creating a custom validation rule. The function (which would be a member method of a subclass of django.forms.Field) might look something like this:

def validate(self, value):
    if len(re.findall(self.lastname,value)) > 0:
        raise forms.ValidationError('Your username may not contain your last name.')
    return value
cpharmston  2009-09-06 19:35:59
But it still is possible to subvert this by using something like this: "and3rson" (last name "Anderson"). While it is simple to look for exact string, users will find a way to add their last name to username in some form anyway. I guess the big question is whether this is a good idea in their first place.
 2009-09-06 22:07:46
A: 

You can simply have your app autogenerate the usernames? Or use email as username?

nabucosound  2009-09-07 09:16:27
Users need to choose usernames that are memorable to them, so I'm not sure that autogenerating them is the best option. As far as using email address, 2 or more people can share one.
 2009-09-07 23:41:13

related questions

Does anyone have a good Proper Case algorithm
Converting bool to text in C++
Does PHP have an equivalent to this type of Python string substitution?
PHP ToString() equivalent
What's the difference between a string constant and a string literal?
What would be the fastest way to remove Newlines from a String in C#?
Why is String.Format static?
PowerShell - How do I pass string parameters correctly?
What's the best string concatenation method using C#?
Java: Best way of converting List<Integer> to List<String>
C# String output: format or concat?
Parse usable Street Address, City, State, Zip from a string
C# Save Dialogs
How do I Convert a string to an enum in C#?
PowerShell - how do I do a string replacement in a function?
Case insensitive string comparison in C++
Why doesn't Ruby have a real StringBuffer or StringIO?
Checking for string contents? string Length Vs Empty String
Remove Quotes and Commas from a String in MySQL
Test serialization encoding
In C# what is the difference between String and string
String.indexOf function in C
What is the best way to parse strings in Java
Format string to title case
Generate list of all possible permutations of a string