Skip to:
Content
Pages
Categories
Search
Top
Bottom

Privacy breach on my BP install, need help please

  • Hi,
    I have a membership site where each member’s login name is their email adress.
    I just installed BP and it is revealing everyone’s email adress because it uses the default “login” field from wordpress, instead of displaying the full name field.

    It is a huge privacy breach.

    How do I change this ?

    ** here’s what’s happening now :
    When someone new registers on my site, they login as johnspersonalemail @gmail.com and their “first name” wordpress field is John, last name is “Doe”.
    But their BP member URL is mywebsite.com/members/johnspersonalemailgmail-com
    and it’s also clearly displayed on their member page : John Doe @johnspersonalemailgmail-com

    ** here’s what I want
    I want their login information to be hidden on all BP pages.
    So the member URL would be mywebsite.com/members/johndoe
    and on the page it would show John Doe @johndoe

    How do I do this ?

    Thanks for your help, I’m looking forward to your helpful answers.

    Sebastien

Viewing 9 replies - 1 through 9 (of 9 total)
  • Does somebody have an answer ? I’m really afraid some email harvesters will start spamming my members.


    paulhastings0
    Participant

    @paulhastings0

    First of all I would change it back to the “full name” field until you figure this out.

    What versions of WordPress and BuddyPress are you using?

    Hi Paul, I am using WordPress 3.0 and BuddyPress 1.2.6

    I have not changed any settings – Buddypress comes right out of the box using member’s login info in the urls.
    My URL for instance is /members/admin and stays that way even though my full name is “FirstName LastName”.

    I need BuddyPress to use the full name field, not the username field.

    Can you help with this ?

    Sebastien


    paulhastings0
    Participant

    @paulhastings0

    And I assume you’re using the BuddyPress Default theme?

    I’m on a different theme, and I made it BuddyPress compatible using the plugin that edits the theme.

    I guess I can edit this out of the member page, what concerns me is the URL.

    With an url like website.com/members/johnsmith-gmail-com
    it’s not really hard to harvest the emails of everyone and spam them.

    Please provide me with instructions on changing these urls.

    Sebastien


    paulhastings0
    Participant

    @paulhastings0

    It might be related to your theme and it’s functions.php file or incompatibilities. Try using the BuddyPress Default theme and creating some new users with that, then let us know what happens.


    Boone Gorges
    Keymaster

    @boonebgorges

    The problem is that you’re using email addresses as user names. BuddyPress must usernames to make up URLs. Usually usernames are chosen by the user, so there is no issue with exposed emails as in your case. Are you using a plugin to allow this?

    Hi Boone, this is not a plugin, it’s just a way to make sure the users don’t forget their login information. Ever since the beginning we’ve asked them to use their email as their username.

    Is there any way to tell BuddyPress to use first names, or pseudonyms, instead of the usernames ? or just user IDs instead ?

    Sebastien

    Not really. You could probably hack core to do this but it’d be a lot of effort.

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘Privacy breach on my BP install, need help please’ is closed to new replies.
Skip to toolbar