Security: author as name of class

Hi there,
ich really like SPARKLING, its very clear and well structured. I use it for our free and private blog.

But now the problem: the authors loginname is used as a CSS CLASS in the authors page, so hackers find out the loginname and keep on trying to hack us. I havent found the loginname somewhere else in the sourcecode, but on the authors page. Is it possible not to use loginname as CLASS there, because of security issue?

Thx very much for your increadible work

  • Dirk

Hello Dirk

Can you please show me an example page of this problem? let me see it first, but I’m afraid if the theme is coded like this then without customization of the template there will be a no option to change this

Well, thats what it looks like. For example my author page (Dirk – unterströmt), if you open the sourcecode, you will finde “author-dgerdau” (searching with “ctrl+f”). Thats the loginname so everyone can find it. There ist no other solution than programming the sourcecode. Maybe somthing for one of the next updates of the theme? :wink:

Good morning

Well, if you change this somehow you will not be able to open the link that is linked to author URL :slight_smile:
You can use this plugin to identify which file was used to render this link:

thx, for the link. I give it a try and change sourcecode or i will close authors sides and links. I have a beer now and think about it. :wink:

But maybe think about not to show loginname in sourcecode as class in the next few updates of SPARKLING.

Thx and have a nice weekend

Good morning and thank you for the suggestion

I will send your feedback to our developers, however yet I can’t promise anything :slight_smile: