For now, I don’t need absolute security in blocking the name change. The people who are playing with the rules are not technically savvy enough to even know what the development tools in their browser is made for, and they have absolutely no idea what html or CSS are. So, to me, the CSS method is a great initial solution.
If I can make it still a bit more difficult next week by adding this as a plug-in, then the security level I have is more than enough for my current needs. In any case, my forum is fully closed to non-members, so in the worst case, I can even have a disciplinary measure voted by the board and ban them from the forum. I just want that the option to change their name is not tantalizingly present on their profile.
And yes, I have a manual approval that is performed after I have checked that the members are valid and the forum is by invitation only.
This sounds like a privacy nightmare. Have you considered the implications of having people’s legal names in a database along with their IP address and email address? If someone malicious accessed your database, they could easily wreak havoc on your users’ personal, offline, lives with that particular combination of information
I’m not “defending” against anything, so much as wanting that making sure that people are known for who they are. We have a number of people of all ages, and if it mostly isn’t confusing for the younger folks, older people in the club often have problems relating to pseudonyms. With this system, we have the best of both worlds, allowing usernames to be chosen (within decency limits) and full names to be available.
Yes, and no. First, this is a private - by invitation only - forum. There is very little of interest of this database except a name and an email address. Of course, we can never be sure that the DB doesn’t fall in the wrong hands, but we spent a reasonable amount of time securing the site (and the DB). There are other DBs with much greater value, especially for personal information, than this one. And finally, the inscription on the forum, if strongly recommended to be advised of the club’s activities, is not mandatory.
In the end, we flagged both the risk and the danger of it as low.