NOTE: This is a SupplementalDocument topic which is not included with the official TWiki distribution. Please help maintain high quality documentation by fixing any errors or incomplete content. Put questions and suggestions concerning the documentation of this topic in the comments section below! Use the Support web for problems you are having using TWiki.

FAQ: How can I use international (I18N) characters in usernames?

Answer:

By default, TWiki doesn't allow you to use international characters (i.e. letters other than A to Z) in usernames. The reason is security: TWiki "filters-in" usernames, to prevent a hacker from inserting nasty characters that might allow them to take control of your server.

From TWiki 4.0.3, this restriction only applies on servers that don't support perl safe pipes, such as Windows, but the workaround is the same.

The workaround is to find the commands in configure that use the |S% parameter type specification. These are:

{RCS}{ciCmd}
{RCS}{ciDateCmd}

This workaround will allow you to use I18N usernames, but it will also allow a username containing naughty characters to be passed unchecked to the command line on unsafe platforms.

Back to: TWikiFAQ

-- Contributors: CrawfordCurrie

Comments & Questions about this Supplemental Document Topic

I think the real solution here is to have parameter types such as 'alphabetic characters only, including international characters' - this would work fine for European languages and any other languages using single-byte character sets. For languages that require UTF-8 (because the traditional double-byte character sets such as Shift-JIS and GBK cannot be used with TWiki), we need to implement UnicodeSupport, which makes such checks quite trivial using Unicode regexes. Some coding required, but we need to make the jump to Unicode anyway to support multi-lingual sites, which some have requested.

See RegisterCgiScriptRewrite for followup.

-- RichardDonkin - 03 Sep 2006