locked
best practice: new username only once? RRS feed

  • Question

  • User-715675516 posted

    Hi Community,

     while programming with my database stuff i came upon the question on how to prevent usernames beeing created only once?

    For example:

    User A logs on, fills out the form - the desired username is available; but: there is a problem with the postcode, which needs to be corrected. 

    But: in the meantime, while User A is correcting the postcode, another user, User B, comes along and is looking up for the same username as User A. User B has no problem and he is getting the desired username. So, upon the next button press, User A has to change the username, even if it was available before.

    What is the best practice to prevent this?

     

    Regards

     

    Saturday, January 17, 2009 7:32 PM

Answers

  • User-821857111 posted

    I was just reading your reply (which certainly clarifies what you are after) and thinking Ajax.  Then I got to the bit where you recognised that Ajax has it's definite uses.

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Sunday, January 18, 2009 4:24 AM

All replies

  • User1566012831 posted

    The usual approach is to have membership happen in two steps.  First, the account is created, with only a bare minimum of information.  If a mistake is made at that point, the username is still available to anyone who comes along immediately afterwards.  Then in the second step, the user provides "profile" information -- post code, etc.  If profile info is critical, then perhaps site access is limited until it's done.

     

    Saturday, January 17, 2009 9:53 PM
  • User-821857111 posted

    Your assumption that User A's username is unavailable for duplicate checking while they might or might not be amending other parts of their profile is wrong.  Consequently, the scenario you outlined above cannot happen if you are checking for duplicates before entering a new user's details.

     

    Sunday, January 18, 2009 3:37 AM
  • User-715675516 posted

    RickNZ & Mikesdotnetting,

    thanks for your replies.

    Rick, what you said is a good point - but in my case i want the user to fill a reg.-form with some more information (in only one step); so in my case there is username, password, email-addr. and postcode on the reg-form (so the users have to "pass" only one form while registering, in comparison to what i call "multi form reg")

    Mike, perhaps i was unclear in this: what i wanted to say was, that i need to "save" (somewhere) the username entered by User A after its availbility check. The username is available for beeing checked - but it will look illogical if the user pressed "register", gets an error message that only the postcode is wrong, nothing else, then corrects the postcode, presses again register and gets then the message that the username isn't available anymore.

    I thought about having a "locked list" in the ApplicationState - if the machine is down/etc. (nice side effect: all usernames locked while the registration are going to be freed). But if an user has finished its registration, the name is taken out from the locked list and written to the normal DB.

    A not bullet-proof work-around to check for username availabilty, could be to test it in the last step, after error-checking the other form-input-fields. Another one could be using AJAX to check the username, when the user is switching the focus to the next element.

     

     

    Sunday, January 18, 2009 4:21 AM
  • User-821857111 posted

    I was just reading your reply (which certainly clarifies what you are after) and thinking Ajax.  Then I got to the bit where you recognised that Ajax has it's definite uses.

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Sunday, January 18, 2009 4:24 AM