vForums Support > System Improvements :: Suggestions :: > Suggestion List
Suggestion List - Posted By dog199200 (dog199200) on 19th Dec 09 at 1:27am
Ross,

1) User ID based Profile URL Instead of Username Based - I'm sure a few members here will agree with me that there should be an option to display the id to the users profile as the user id and not by their username. When it comes to the forum being used for a professional reason, the fact that the users username is in the url to their profile, it becomes a security risk, not only to the members but to the admin as well. This would also work as a paid feature if needed for those that need it instead of it being done for everyone.

2) Changeable Admin Username For Security - Now anything this is it also a security risk for the admins username to be admin. Its one of the first few things people try when hacking into a website. It be nice to add something within the admins modify profile that shows up the first time they go to edit their profile and asks them if they want to change their username. It would make each forum more secure. Now its also acceptable for this to be a paid option to be done via you as well. Keep in mind that if the first suggestion isn't implemented, this option is basically pointless cause the username can just be gotten from within the profile url.

3) API - Setting Option Via Registration - I know you just changed the registration system and adding the new features to the API will be done sooner or later, but some more of the current features in the profile should be added as well. the main one i'm thinking of for the registration API is being able to set the users Display Name upon registration. The reason for this is I don't want people changing their display name all the time, so I blocked it, but I don't want their username to be used as their display name so then being able to assign a display name upon registration would be a great help. I'm sure other people can find any uses for this as well.

I think thats all for now. I'd really appreciate these things being added, or if anything considering making them paid features or something. I really don't mind paying for something to help protect the privacy of my members as well the security of the site.

Thank,
Dwight ~




Re: Suggestion List - Posted By Aiken (ionfortuna) on 19th Dec 09 at 4:38am
I like suggestion #2, the admin usermame seems to impersonal
Re: Suggestion List - Posted By dog199200 (dog199200) on 19th Dec 09 at 5:05am
being personal wasn't the reason I suggested it. I was looking on the side of enhanced security {Wink}
Re: Suggestion List - Posted By Ross (admin) on 19th Dec 09 at 11:15am
#3 will definitely be happening. Although I was under the impression the registration API could already set the display name. Do you want me to take a look at your registration API code to try and get it working?

#2 is technically possible but could make things complicated, particularly for support and identifying who owns the forum. I'll think on it a little more.
Re: Suggestion List - Posted By dog199200 (dog199200) on 19th Dec 09 at 12:22pm
Posted By Ross on 19th Dec 09 at 11:15am
 
#3 will definitely be happening. Although I was under the impression the registration API could already set the display name. Do you want me to take a look at your registration API code to try and get it working?


The API is setup so that upon registration is used the username ais the display name, and doesn't provide an option for a member to provide a display name to be displayed over the username. Or if it does its not documented within the latests API code you posted. And sure, maybe you can see whats wrong with it {Unsure} I sound have the parameters all set right, having them calling off the form the user submits, but here it is, its the same went i sent in pm i tihnk last week lol, i did get oneof the problems you pointed out before fixed, but it still wont work and i see no other problems {Unsure}

PHP Fragment
Code:
Select All
 
  1. <?php
  2. if(isset($_POST['user'])) {
  3. $reg = $vf -> register_user(Array(
  4. "username" => $_POST['user'],
  5. "password" => $_POST['pass'],
  6. "password2" => $_POST['confirmpass'],
  7. "email" => $_POST['email'],
  8. "dobm" => $_POST['month'],
  9. "dobd" => $_POST['day'],
  10. "doby" => $_POST['year'],
  11. "skip_email" => "1",
  12. "tos" => "1"
  13. ));
  14.  
  15. if(is_string($reg)) {
  16. echo "<div class=\"error\">The following errors were found:<br />" . htmlspecialchars($reg) . "</div>";
  17. } else {
  18. echo "<div class=\"message\">Welcome ". $reg['user_name'] ."!<br />Your account has been registered on our forum. Click <a href=\"/index.php?area=private\">here</a> to go to the members area.</div>";
  19. }
  20. }
  21. include("./includes/register-form.php");
  22. ?>
 


Form Fragment
Code:
Select All
 
  1. <center>
  2. <table border="0">
  3. <tr>
  4. <td>
  5.  
  6. <form method="post">
  7. <input name="account_id" id="account_id" type="hidden" size="15" value="<?=$reg['user_number'];?>" />
  8.  
  9. <label for="username">Username:</label><br />
  10. <input name="user" type="text" size="15" /><br /><br />
  11.  
  12. <label for="pass">Password:</label><br /> 
  13. <input name="pass" type="password" size="15" /><br /><br />
  14.  
  15. <label for="confirmpass">Confirm Password:</label><br /> 
  16. <input name="confirmpass" type="password" size="15" /><br /><br />
  17.  
  18. <label for="email">Email Address:</label><br /> 
  19. <input name="email" type="text" size="15" /><br /><br />
  20.  
  21. <label for="birthday">Date Of Birth:</label><br /> 
  22.  
  23.  
  24. <select name="month"><option value="0">--Month--</option><option value="1">January</option><option value="2">February</option><option value="3">March</option><option value="4">April</option><option value="5">May</option><option value="6">June</option><option value="7">July</option><option value="8">August</option><option value="9">September</option><option value="10">October</option><option value="11">November</option><option value="12">December</option></select>
  25.  
  26. <select name="day"><option value="0">--Day--</option><option value="1">1</option><option value="2">2</option><option value="3">3</option><option value="4">4</option><option value="5">5</option><option value="6">6</option><option value="7">7</option><option value="8">8</option><option value="9">9</option><option value="10">10</option><option value="11">11</option><option value="12">12</option><option value="13">13</option><option value="14">14</option><option value="15">15</option><option value="16">16</option><option value="17">17</option><option value="18">18</option><option value="19">19</option><option value="20">20</option><option value="21">21</option><option value="22">22</option><option value="23">23</option><option value="24">24</option><option value="25">25</option><option value="26">26</option><option value="27">27</option><option value="28">28</option><option value="29">29</option><option value="30">30</option><option value="31">31</option></select>
  27.  
  28. <select name="year"><option value="0">--Year--</option><option value="1996">1996</option><option value="1995">1995</option><option value="1994">1994</option><option value="1993">1993</option><option value="1992">1992</option><option value="1991">1991</option><option value="1990">1990</option><option value="1989">1989</option><option value="1988">1988</option><option value="1987">1987</option><option value="1986">1986</option><option value="1985">1985</option><option value="1984">1984</option><option value="1983">1983</option><option value="1982">1982</option><option value="1981">1981</option><option value="1980">1980</option><option value="1979">1979</option><option value="1978">1978</option><option value="1977">1977</option><option value="1976">1976</option><option value="1975">1975</option><option value="1974">1974</option><option value="1973">1973</option><option value="1972">1972</option><option value="1971">1971</option><option value="1970">1970</option><option value="1969">1969</option><option value="1968">1968</option><option value="1967">1967</option><option value="1966">1966</option><option value="1965">1965</option><option value="1964">1964</option><option value="1963">1963</option><option value="1962">1962</option><option value="1961">1961</option><option value="1960">1960</option><option value="1959">1959</option><option value="1958">1958</option><option value="1957">1957</option><option value="1956">1956</option><option value="1955">1955</option><option value="1954">1954</option><option value="1953">1953</option><option value="1952">1952</option><option value="1951">1951</option><option value="1950">1950</option><option value="1949">1949</option><option value="1948">1948</option><option value="1947">1947</option><option value="1946">1946</option><option value="1945">1945</option><option value="1944">1944</option><option value="1943">1943</option><option value="1942">1942</option><option value="1941">1941</option><option value="1940">1940</option><option value="1939">1939</option><option value="1938">1938</option><option value="1937">1937</option><option value="1936">1936</option><option value="1935">1935</option><option value="1934">1934</option><option value="1933">1933</option><option value="1932">1932</option><option value="1931">1931</option><option value="1930">1930</option></select>
  29.  
  30. <br /><br />
  31.  
  32. <input name="tos" type="checkbox"> I have read and agree to the <a href="./tou.php" target="_blank">Terms of Use</a>.
  33.  
  34. <br /><br />
  35. <input type="submit" name="register" value="Register" />
  36. </form>
  37.  
  38. <br />
  39. <b>Already Got An Account?</b> Login <a href="./login.php">Here</a>!
  40.  
  41. </td>
  42. </tr>
  43. </table>
  44. </center>
 


I'm not sure if it not working because I never called a post action in the form or not, considering i just noticed I completely forgot to do that. Not sure if it would need it though, consider it does try to run the code. Juts doesn't write to the database or check any of the values in the fields.

Edit: Adding
Code:
Select All
 
  1. action="<?php echo $PHP_SELF;?>"
 
made no difference

Also to see exactly what its not doing go here and put in any random info, then try it again and put in nothing and see what it does.


Posted By Ross on 19th Dec 09 at 11:15am
 
#2 is technically possible but could make things complicated, particularly for support and identifying who owns the forum. I'll think on it a little more.


Ok, but again I think the first 2 things I suggested are best as paid features, per forum that needs them or wants them, that way its not opening a bunch of features people wont use and cause more of a problem. All I know is that since the username is used to login to everything on the forum, its not good to have ti where it can be seen by other people and making the accounts easier to access. Thats at least my outlook on it all
Re: Suggestion List - Posted By dog199200 (dog199200) on 20th Dec 09 at 1:20am
OK now i'm going to pick apart whats wrong with everything your saying:

1) If setup right, upon registration a username and display name can be setup, check for both will be ran, making sure either are not in use. It should be rather easy if to do using the API.

2) The PM system could call off the display names and not the user id's, keep in mind the display name will basically replace the idea over the username, and with setup right the display name can't be changed.

3) As for the deleting problem, from my under standing ross keeps all accounts on the server anyways as a back up, incase something happens they can be restored. So the problem with using the same ID is being void.

Again though this isn't something an every day forum would need, but one thats using it for commercial/industrial reasons, and would work best as a paid addon.


If I miss read anything i'm sorry I kind of just woke up.