The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
It's safe to overwrite the username value?
We're trying to implement an alias feature, to give our registered users (their login value is fixed by the organization, but they want to give them the possibility of posting more "anonymously") the possibility of appearing on screen with their alias, so only the administrators can know which username is behind an alias.
We've tried an existing plugin, but it doesn't cover all the range we want (forums list, threads, user's page ...). We also tried to modify some templates to show the alias instead of the username, but there are lots of templates, and some variables not easily accessible (e.g. the lastposter values). So, we've thinked on overwriting the username value in the fetch_userinfo hook with the alias value we store in a custom field. It seems to work in most places (not fully tested), and we think that it could be fine, because most of the DB tables work with the userid value, not the username, but we would be pleased if some developer or expert could give their opinion about the security of this method. Thanks in advance. |
#2
|
|||
|
|||
I would not consider this safe without extensive testing.
|
#3
|
|||
|
|||
Thanks, we're going to test it extensively...
At this moment, we've a little problem, when we log out, the cookie value for username (the username value set by default when you enter to the forum without being logged in) is set to the alias value, due to this modification. I've been looking to the hooks, trying to figure where the cookie is set, but I'not been able to find it... somebody knows where it happens? |
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|