Last modified: 2014-09-03 23:55:21 UTC

Wikimedia Bugzilla is closed!

Wikimedia has migrated from Bugzilla to Phabricator. Bug reports should be created and updated in Wikimedia Phabricator instead. Please create an account in Phabricator and add your Bugzilla email address to it.
Wikimedia Bugzilla is read-only. If you try to edit or create any bug report in Bugzilla you will be shown an intentional error message.
In order to access the Phabricator task corresponding to a Bugzilla report, just remove "static-" from its URL.
You could still run searches in Bugzilla or access your list of votes but bug reports will obviously not be up-to-date in Bugzilla.
Bug 17544 - Client-side validation of the username availability and that password meets requirements
Client-side validation of the username availability and that password meets r...
Status: NEW
Product: MediaWiki
Classification: Unclassified
User login and signup (Other open bugs)
All All
: Normal enhancement with 1 vote (vote)
: ---
Assigned To: Nobody - You can work on this!
: accessibility
: 47685 (view as bug list)
Depends on: 17312 40648 61416 64728 34447
  Show dependency treegraph
Reported: 2009-02-17 23:36 UTC by Thomas Bertels
Modified: 2014-09-03 23:55 UTC (History)
13 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Description Thomas Bertels 2009-02-17 23:36:42 UTC
When a user tries to create an account, if the captcha is successful but the username is already taken or the passwords doesn't match, the user has to take the test again. This is bad, especially since captchas are far from user friendly.

So, why not keep in mind that the user passed the captcha ?
Comment 1 spage 2013-04-19 21:54:40 UTC
Seems doable, using similar counter and expiration logic to ConfirmEdit/Captcha.php's triggerUserLogin().  There are probably security implications I overlook.

Were we to do client-side validation in Create account (see ACUX-3 in ), then users would be informed of_some_ form problems before filling out the CAPTCHA, lessening the need for this enhancements.
Comment 2 Thomas Bertels 2013-09-12 14:31:42 UTC
Indeed, client-side validation of the username availability and password seems like a much better way to do it.
Comment 3 Steven Walling 2013-12-06 19:28:33 UTC
*** Bug 47685 has been marked as a duplicate of this bug. ***
Comment 4 Gabriel Wicke 2013-12-06 22:40:51 UTC
In addition to the captcha, the user also has to re-enter the password twice. The only bit of previously-entered information that currently survives is the mail address.
Comment 5 Matthew Flaschen 2013-12-07 03:44:14 UTC
The username also survives.
Comment 6 Gabriel Wicke 2013-12-07 20:33:20 UTC
(In reply to comment #5)
> The username also survives.

Yeah, although you'll normally change it when you are looking for an unused username.
Comment 7 Matthew Flaschen 2014-09-03 23:55:21 UTC
There is nothing to validate for the email, since more than one account can have the same email.

Note You need to log in before you can comment on or make changes to this bug.