oasi
10-13-2008, 06:36 AM
We're trying to implement an alias feature, to give our registered users (their login value is fixed by the organization, but they want to give them the possibility of posting more "anonymously") the possibility of appearing on screen with their alias, so only the administrators can know which username is behind an alias.
We've tried an existing plugin, but it doesn't cover all the range we want (forums list, threads, user's page ...).
We also tried to modify some templates to show the alias instead of the username, but there are lots of templates, and some variables not easily accessible (e.g. the lastposter values).
So, we've thinked on overwriting the username value in the fetch_userinfo hook with the alias value we store in a custom field.
It seems to work in most places (not fully tested), and we think that it could be fine, because most of the DB tables work with the userid value, not the username, but we would be pleased if some developer or expert could give their opinion about the security of this method.
Thanks in advance.
We've tried an existing plugin, but it doesn't cover all the range we want (forums list, threads, user's page ...).
We also tried to modify some templates to show the alias instead of the username, but there are lots of templates, and some variables not easily accessible (e.g. the lastposter values).
So, we've thinked on overwriting the username value in the fetch_userinfo hook with the alias value we store in a custom field.
It seems to work in most places (not fully tested), and we think that it could be fine, because most of the DB tables work with the userid value, not the username, but we would be pleased if some developer or expert could give their opinion about the security of this method.
Thanks in advance.