View Full Version : [fixed] Custom Title length bypass



Floris
Wed 17th Apr '02, 6:38am
When someone enters the User Control Panel and has the feature to set a custom user title, they can bypass it pretty simply by just saving the HTML to their hard drive, altering the property of the max. length and then submitting the form. This has happened a few times on my forum now.

-- The users could also have asked me to change it for them, but .. --

It would be nice if this could be 'fixed' in an upcoming release.
(read fixed relatively)

The bugger with this is, they can bypass pre-set options like hidden input fields etc.

Scott MacVicar
Tue 21st May '02, 11:34am
Yep a bug, in member.php

Look for

$customtext = censortext($customtext);

Below it add

$customtext = substr($customtext, 0, $ctMaxChars);

This is a temporary solution and might not be the one that a developer uses.
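
The server-side check discussed above, written out as an added example that is not part of the original thread and is not vBulletin code. The names `validate_custom_title` and `CT_MAX_CHARS` (standing in for `$ctMaxChars`, with an assumed value) and the `maxchars` hidden field are hypothetical, and the mbstring extension is assumed so the limit counts characters rather than bytes.

```php
<?php
// Added example, not vBulletin code. All names here are hypothetical.
// The limit lives in server-side configuration; nothing the browser
// submits (maxlength attribute, hidden fields) is consulted.
const CT_MAX_CHARS = 25; // assumed value, stands in for $ctMaxChars

/**
 * Validate a submitted custom title.
 * Returns [accepted title, error message or null].
 */
function validate_custom_title(array $post, int $maxChars = CT_MAX_CHARS): array
{
    $title = $post['customtext'] ?? '';
    if (!is_string($title)) {
        // customtext[]=x arrives as an array; reject rather than cast
        return ['', 'invalid title'];
    }
    if (!mb_check_encoding($title, 'UTF-8')) {
        return ['', 'invalid encoding'];
    }
    $title = trim($title);
    // Count characters, not bytes: plain substr() can split a
    // multibyte character and leave a broken sequence in the profile.
    if (mb_strlen($title, 'UTF-8') > $maxChars) {
        return [mb_substr($title, 0, $maxChars, 'UTF-8'), 'title truncated'];
    }
    return [$title, null];
}

// Constructed sample submissions, including a locally edited form
$samples = [
    'normal'                   => ['customtext' => 'Forum regular'],
    'maxlength removed'        => ['customtext' => str_repeat('A', 300)],
    'forged hidden field'      => ['customtext' => str_repeat('B', 40), 'maxchars' => '9999'],
    'multibyte'                => ['customtext' => str_repeat('é', 30)],
    'array instead of string'  => ['customtext' => ['x']],
];
foreach ($samples as $label => $post) {
    [$title, $error] = validate_custom_title($post);
    printf("%-26s len=%-3d %s\n", $label, mb_strlen($title, 'UTF-8'), $error ?? 'ok');
}
```
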

Floris
Tue 21st May '02, 11:42am
Thank you for moving it to this board, so the devs see it. And I will use that patch until 2.2.6 gets released (I assume it is fixed up in there?).