Registration Security Fix
Posted by Falk on 09/23/2004

---

It has been brought to my attention that there is a minor security problem with the registration page. The fault does allow a user to create a clone account, that's a new account using an existing name. The cause: the username textbox accepts 50 characters, but the username db field is only 30 characters long.

This issue can be fixed by downloading the Registration Security Fix. Thanks to Xer0X for the information.
Update: I've added some extra code to strip out multiple spaces and also added the fixes to update_profile.php. The full/upgrade packs have also been updated.