Restricted User Names

[alsaffar]

Hi there,

I want to restrict some (UserName)s from been registered to my web site, so I made a table in the databse called (Restricted) putting inside it all the possible (UserName)s that I want to prevent the new users to register with them.

The following query I made to test if the new (UserName) is prohibited or not:

$Query = " SELECT UserName FROM Restricted WHERE UserName = '$_POST[UserName]' ";

and its working if the table contain for example the word "GAY" so if the new user tried to sign with user name "GAY" it will prevent him because its equals to the word "GAY" in the databse.

BUT if the new user tried to signup with "GAY1" it will let him!

The question now is how can I prevent for example all the (UserName)s that contains the word "GAY" if the word "GAY" is one of the rows in my table "Restricted"?

I hope I was clear

 

[danielhozac]

Try

$Query = " SELECT UserName FROM Restricted WHERE UserName LIKE '%" . $_POST['UserName'] . "%'";

//Daniel

 

[alsaffar]

Its not working, since Restricted.UserName is part of $_POST[UserName] not the opposite!

Anyway I tried it and its not working

Please HELPPPPPPPPPPP

 

[danielhozac]

Oh, right. The following works in PostgreSQL:

$Query = "SELECT * FROM restricted WHERE '" . $_POST['UserName'] . "' LIKE '%'||username||'%'"

//Daniel

 

[DRJ478]

Here's another thought:

Databases such as MySQL have a column property that only allows unique entries. That would be my choice for the user names.
It has the following advantages:
1. You can be sure that it is physically impossible to have a username more than once.
2. It's easy to check if the username is already in use.

All you need to do then is to check for the exact match. The approach of using partial checks is dangerous and ambiguous.
With unique IDs there is no problem to have GAY and GAY1 since they are distinctly different.

 

[KempCGDR]

I think the problem is that they have offensive names, not that duplicates might occur.

 

[DRJ478]

I see - I didn't get that because IMO there's nothing wrong with the word that is given as an example.
What we are after here is language cleansing which can be achieved with the solution that daniel suggested.
If someone wanted to identify themselves as a**h***, that's fine with me, maybe the person is actually telling the truth.

The alternative is to let them sign up with whatever they want and use that just as a unique alias. Handle all display with member ID generated by the system. Then they can call themselves whatever they want.

 

[KempCGDR]

Plus, if he blocks them how he suggested then unrelated ones would be blocked. For instance, blocking "sex" would also render (just off the top of my head) "sussex_girl" unusable.

 

[csniffer]

what about if u found a word like GAY or GAY12, then u write it to a text file, then once a day run some script that allows u to verify the suspect names? It seems to me that you are asking the computer to make a human decision.

To err is human, to completely mess up takes a computer.