Disable option to search members with ‘space’ or * or ?

@yolandal

This limit is set at the MySQL database engine level.
When I do a search with your example single characters I will get a database SQL error reported to my debug.log file.

Ask your web hosting support if they can help you to set minimum characters for search to 3.

@yolandal

MyISAM storage engine has the default value of four characters minimum for searches.
Server variable is: ft_min_word_len
https://dev.mysql.com/doc/refman/5.7/en/server-system-variables.html#sysvar_ft_min_word_len

A better storage engine solution is to use InnoDB,
where searches with three characters is the default minimum.
Server variable is: innodb_ft_min_token_size
https://dev.mysql.com/doc/refman/5.7/en/innodb-parameters.html#sysvar_innodb_ft_min_token_size

You can verify your web hosting configuration with the phpMyAdmin tab:
”Server variables and settings”.

Thank you, I will contact them. I’m not familiar with MySQL so I won’t change anything myself.

Maybe an idea for your development department to add an option to prevent searching with a space or * or ? ?
Previously, I worked with the UPME plugin (no longer online) and they had this option in the settings.

Hello MissVeronica,

I contacted my webhost. They explained to me that it’s rather unusual that a plugin leans on the databaseserver configuration for the length of a search word, it should be expected that this should be directed in PHP.

Is there any way you can implement this in the plugin?

Please note that we have very strict privacy laws in Europe, and we, as a platform with 300 members, have to do everything to prevent mass collecting information of other users.

@yolandal

You can try this code snippet which will remove your critical search characters.

add_action( 'um_member_directory_before_query', 'um_member_directory_gdpr_search_limit' );

function um_member_directory_gdpr_search_limit() {

    if ( isset( $_POST['action'] ) && $_POST['action'] == 'um_get_members' ) {
        if ( isset( $_POST['search'] ) && in_array( $_POST['search'] ), array( '*', '?', ' ' ) ) {
            $_POST['search'] = '';
        }
    }
}

Thank you, but this way it still is possible to find (scrape) all names with an a, e, o, i etc (and almost any name has that).

It would be better to set a minimum of 3 characters, is that possible in php?

• This reply was modified 1 year, 2 months ago by yolandal.

@yolandal

add_action( 'um_member_directory_before_query', 'um_member_directory_gdpr_search_limit' );

function um_member_directory_gdpr_search_limit() {

    if ( isset( $_POST['action'] ) && $_POST['action'] == 'um_get_members' ) {
        if ( isset( $_POST['search'] ) && strlen( $_POST['search'] ) < 3 ) {
            $_POST['search'] = '';
        }
    }
}

Thanks for your quick reply!

But I’m afraid this code is not working ??

Even if I type the letter X, I’m getting the full list… (I know I can set this to max 4 but that’s not for this issue).

Can you help out?

@yolandal

Updated

add_action( 'um_member_directory_before_query', 'um_member_directory_gdpr_search_limit' );

function um_member_directory_gdpr_search_limit() {

    if ( isset( $_POST['action'] ) && $_POST['action'] == 'um_get_members' ) {
        if ( isset( $_POST['search'] ) && ( empty( $_POST['search'] ) || strlen( $_POST['search'] ) < 3 )) {
            $_POST['search'] = md5( $_POST['search'] );
        }
    }
}

• This reply was modified 1 year, 2 months ago by missveronica.
• This reply was modified 1 year, 2 months ago by missveronica.

Wow, you are quick, I appreciate that!

Yes, this code works, but…. it searches ALL fields, so also in the bio. Which means if they search on the word ‘and’ also a lot results will show.

Is it possible to set it only for names?

Actually, I have set up filters, and I only want to show these. So if I can hide the regular search that would be ok as well.

Here is a screenshot of my search

https://i.postimg.cc/Kzy62hxW/20240119-150836.jpg

@yolandal

You can remove the Search by un-clicking “Enable Search feature” in Members Directory.

If I do this, the Search button disappears, and also the search functionality ??

• This reply was modified 1 year, 2 months ago by yolandal.

@yolandal

With this plugin you can define the fields to be used for your search.

https://github.com/MissVeronica/um-members-directory-custom-search

I have installed this add-on and selected the fields – I’ve played with both WP and UM fields. But still after searching for the word ‘and’ all profiles show up with that word in the bio.

What am I doing wrong?

https://i.postimg.cc/25q0XcWK/20240119-161639.jpg

@yolandal

I can’t reproduce your issue with the bio field.

About GDPR consent:
If you disable all Users from Members Directory
and then the User changes this to appear in the Members Directory
and now is your obligation according to GDPR fulfilled.