Dragonfly CMS v9 ⇒ Security v9 :: Archives ⇒ $DeniedUserNames and _bbdisallow :: Archived ⇒ Community Forums ⇒ CPG Dragonfly™ CMS
Forum IndexSecurity v9

Archived ⇒ $DeniedUserNames and _bbdisallow


How come the _bbdisallow table is no longer used to control banned usernames?

It looks like only the list in config.php is used to build a list of usernames that are forbidden.

This seems like a backward step in security and it also means that although the Members Delete module can add deleted members names to the _disallow table these will never be used and that this table is now redundant.

Is it possible to add this back in to the registration process (in the userCheck function) ? In fact wouldn't it be better to stick all the hardcoded names in config.php into the _bbdisallow table? That way we can have a nice admin interface to add usernames to the list.

Please enter your server specs in your user profile! 😢

All times are UTC