Hey guys! When I was developing today I realized that the username primary keys were not case sensitive. This is a big drawback. It reduces the number of unique and viable usernames. Even though this number is still gargantuan, case sensitive usernames are a must everywhere.
The demonstrate my problem, here's what was happening:
nitin was a username registered on my site. It was allowing entry and showing the same account when logged in with Nitin, nItin, and so on. There are 32 possibilities (2^5) of nitin being spelled with either upper or lower case characters.
Thus, 32 possible user accounts were being mapped on to only one. To do this, the username has to be checked in the query itself.
Now, select something from some_table where username = "nitin" would give you the same result for all 32 possibilities of nitin.
To avoid this, the query has to be altered:
select something from some_table where binary username = "nitin"
The binary checks for case also.
Cheers!
The demonstrate my problem, here's what was happening:
nitin was a username registered on my site. It was allowing entry and showing the same account when logged in with Nitin, nItin, and so on. There are 32 possibilities (2^5) of nitin being spelled with either upper or lower case characters.
Thus, 32 possible user accounts were being mapped on to only one. To do this, the username has to be checked in the query itself.
Now, select something from some_table where username = "nitin" would give you the same result for all 32 possibilities of nitin.
To avoid this, the query has to be altered:
select something from some_table where binary username = "nitin"
The binary checks for case also.
Cheers!
No comments:
Post a Comment