Openrct2: Limit how many times you can change name per hour

I have seen some really strang and offending names like I s@ck yo&r di$k and all that strange stuff. What do you think @Nubbie ? Would this really prevent inappropriate names?

I don't think so, as most people just use those stupid names to annoy people. We could also just make a list of words which can't be in a username and block characters like @, $, & to prevent the names like the one above. Maybe in addition of a limit to only be allowed to change your name two times in an hour or something. What do you think?

@mrtnptrs The problem isn't that they use one offensive name, the problem is that they keep on changing it all the time to slander the host in different ways all the time, sometimes even change name to hide that they had spammed with different names before

I see time from time again people who use all caps names and change them every time after they have been kicked, just to slander the host and players

I don't see a reason why you should be able to change your name every second when it creates problems with people spamming servers with different names

If you have one alias; You have it forever
Don't think normal players change their name 5 times within one hour

Requires central authority server... anyone can modify the code or use a build which bypasses checks like this.

@IntelOrca Indeed something I knew about was the problem sadly enough.. the only possible solution I would know for this was to fix it secretly and try to hide it so players dont know about it

Pretty much https://github.com/OpenRCT2/OpenRCT2/issues/3155

@Nubbie That users mislead the server owner/host is indeed a very good point. A central autority server would be a good idea. But as a temporary workaround a changing-name-limit could work and that the host checks the client if he did the check correctly (like changing his name in one game for maximum 1 time or something to force the user to choose a good name) when he changed his name and if not: get kicked out. Also, for 10 minutes or so, it should also be mentioned at the user-list of the MP game that he changed his name from xxxxx to xxxxx, so the admin and users know who it is.

But a login-system would fix this of course @janisozaur , but that will require a lot of work and is maybe something for the future.

Could servers be able to perhaps read User's IP addresses? These of course can be faked, but it would trim those out who at least don't know how (or can't) fake them.

Obviously this should be a special permission that is disabled by default for non-owners, but that permission could be combined with other permissions like being able to read the central login details or whatever else is used.

"But as a temporary workaround a changing-name-limit could work and that the host checks the client if he did the check correctly (like changing his name in one game for maximum 1 time or something to force the user to choose a good name) when he changed his name and if not: get kicked out. "

You're onto something. I am against the idea of completely blocking out changing names (as when i'm hosting my own server for testing purposes, i often change my name to wolfreak99, wolfreak100, wolfreak999, testuser1, etc), but i certainly wouldn't mind some sort of notification to the server host saying something like"wolfreak100 has connected (user has recently changed name from wolfreak99)", that way the host can decide whether or not they want to kick them.

When Bob hosts a multiplayer game, does Bob's client know the IPs of everyone connected? If so, couldn't Bob's client enforce a name change time limit on a per-IP basis? That would require connecting with multiple IPs to get around.

Could servers be able to perhaps read User's IP addresses? These of course can be faked, but it would trim those out who at least don't know how (or can't) fake them.

"Faking" an IP = connecting from some other IP that the malicious user has access to? The traditional reset-modem trick to get a new IP still adds a time delay. Using proxies would probably work, unfortunately, but it still adds hassle for harassers.

Rapid-changing names is a problem on Valve games (CS: GO and TF2). There are scripts that change names every second or so. The name is changed to other users on the server, to confuse people trying to vote-kick the player. This is another good reason to throttle name changes, if possible.

last time I knew the devs had their minds set against anything IP related. I was wanting to help add an IP based banning system before keyhash based authentication became a thing (as in the system that remembers your group if you have to reconnect), but they didn't want it in. They also sounded against a keyhash based banning system , however, so I'm not sure if it was against the idea of banning in specific. This was a while back though, so I'm not sure if views have changed or if they'd be okay with a name change limit or not.

If it's a per server basis, and the admin has control over it being enabled or disabled, that feels more reasonable though.

I would love to restrict based on IPs, but like someone mentioned before, there are countries that share a single IP address... So, blocking a single user could block the entire country.

Because people keep mentioning IP based, ive created a pull request that hows how to retrieve someone's IP. https://github.com/wolfreak99/OpenRCT2/tree/get_ip_example
The commits consist of 2 commits, the first one "save user IP and port when connecting" contains the essential modifications needed to get the information. The second one shows how to go about using it in the network class. The example code contains a portion that shows how you could go about banning people. If enabled, the example compares the IP with itself, so you will need to write your own proper ban checking mechanism yourself, as it's merely a placeholder.