[rt-users] RT login with userid that is numeric

Fri Jul 2 13:53:56 EDT 2004

If that is the case, perhaps you should prevent someone from creating an all
numeric userid. It is not obvious at all why I could not log on using the
numeric id, only after looking through code did I find out. I don't recall
reading anything anywhere about creating userids that they could not be
numeric either.

Thanks.
Dave

-----Original Message-----
From: Jesse Vincent [mailto:jesse at bestpractical.com]
Sent: Wednesday, June 23, 2004 4:14 PM
To: Falkenburger, David
Cc: rt-users at lists.bestpractical.com
Subject: Re: [rt-users] RT login with userid that is numeric

RT doesn't support numeric "names" for object. There are a number of
places in the product where we allow users to do things by name or by
id.  Using numeric names breaks that and could lead to unexpected
results.

On Wed, Jun 23, 2004 at 03:25:37PM -0400, david.falkenburger at rbc.com wrote:
> I was wondering if the login should be allowed to use an id that is
entirely
> numeric. Does not seem to be any limitation anywhere except in
autohandler:
> $session{'CurrentUser'}->Load($user);
>  
> Looking at the code for the RT::CurrentUser object, I found LoadByName and
I
> changed the code to
> $session{'CurrentUser'}->LoadByName($user);
> and I am now fine. Should this be the default? When would a user logon
using
> their actual record id number? Will doing this break anything somewhere
> else?
>  
> Thanks.
> Dave
> 
> ------------------------------------------------------------
> This e-mail may be privileged and/or confidential, and the sender does not
waive any related rights and obligations. Any distribution, use or copying
of this e-mail or the information it contains by other than an intended
recipient is unauthorized. If you received this e-mail in error, please
advise me (by return e-mail or otherwise) immediately. 
> 
> Ce courrier électronique est confidentiel et protégé. L'expéditeur ne
renonce pas aux droits et obligations qui s'y rapportent. Toute diffusion,
utilisation ou copie de ce message ou des renseignements qu'il contient par
une personne autre que le (les) destinataire(s) désigné(s) est interdite. Si
vous recevez ce courrier électronique par erreur, veuillez m'en aviser
immédiatement, par retour de courrier électronique ou par un autre moyen.
> 
> ============================================================ 
> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
> 
> RT Developer and Administrator training is coming to LA, DC and Frankfurt
this spring and summer.
> http://bestpractical.com/services/training.html
> 
> Sign up early, as class space is limited. 

-- 

------------------------------------------------------------
This e-mail may be privileged and/or confidential, and the sender does not waive any related rights and obligations. Any distribution, use or copying of this e-mail or the information it contains by other than an intended recipient is unauthorized. If you received this e-mail in error, please advise me (by return e-mail or otherwise) immediately. 

Ce courrier électronique est confidentiel et protégé. L'expéditeur ne renonce pas aux droits et obligations qui s'y rapportent. Toute diffusion, utilisation ou copie de ce message ou des renseignements qu'il contient par une personne autre que le (les) destinataire(s) désigné(s) est interdite. Si vous recevez ce courrier électronique par erreur, veuillez m'en aviser immédiatement, par retour de courrier électronique ou par un autre moyen.

============================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20040702/d00f376a/attachment.htm>