Blocking inappropriate usernames

Submitted by Barrett on Thu, 10/23/2008 - 08:26

A question came up in one of the forum posts on drupal.org about a module to prevent inappropriate usernames.  A couple options were discussed, including using access rules and the abuse module.  Mostly as a learning exercise, I decided to try my hand at writing a module to handle the issue. The code I came up works with Drupal 5.x and uses the validate operation of hook_user to check for inappropriate names and return an error.

<?php
function cleannames_user($op, &$edit, &$user, $category=NULL)  {
  $dirty_names_array=array('badword1','badword2','etc');
  switch($op) {
    case 'validate':
      if(in_array($edit['name'], $dirty_names_array)) {
        form_set_error('name',t("Ooh, that's a dirty word.  I'm telling."));
      }
  }
  return;
}
?>

The module is not without problems, of course.  Specifically, it relies on a defined blacklist of names to block and won't match permutations of those names which would be obvious to people but which are not specifically defined in the blacklist (e.g., "b4dw0rd1" would be accepted).  On the other side, though, making the code more robust in terms of name blocking runs an increasing risk of false positives being blocked.  Also, in a production quality module, the blacklist contents and the error message returned should be defined through an administrative form rather than hard coded.  As a learning exercise, though, I count the module as a complete success.

Tags

Add new comment

Your email address will not be displayed to other users.

Plain text

  • No HTML tags allowed.
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.
  • Allowed HTML tags: <a href hreflang><br><p>