New user login failed

[donw]

I'm a first time user. My login failed with the message appended below. I'm currently logged into eBay so I know the password is good. My eBay password comes from a password generator and includes letters, digits and the symbols:

+ - = _ # $ % ^ & ; : , . < > / ~ \ [ ] ( ) { } ? ! |
as well as the "at" symbol, which your forum anti-spam software won't let me post.

Let me know if you can't handle any of these characters or if you have a length restriction on passwords.

=================

Password is not a match. Could not log you in.

eBay refused your password. Please check the following:

1) Try to log in with the same username/password combination directly at the ebay website. If this fails, you have to resolve the problem with ebay directly.

2) If you use multiple languages / locales, check that your keyboard is set to the right one.

3) Some special characters presented a problem for Gixen in the past. If you use an unusual character in your ebay password, please let us know what it is (never email your full password, just the character in question).

4) If you changed your ebay password, the new password applies to Gixen as well. All the snipes scheduled with the old password are invalid and you have to re-enter them. You can no longer see the old sniping entries.


Warning: pg_exec() [function.pg-exec]: Query failed: ERROR: value too long for type character varying(64) in /usr/local/apache2/htdocs/gixen/home_main.php on line 223

[mario]

Don't tell me your password includes all of these characters? Dollar sign and quote are likely a problem, the rest should be fine.

[donw]

For security reasons I don't intend to list exactly what characters my password includes on a public forum.

There is no quote in the list from my first post.

As a software developer I'd be most concerned about \ < and >
especially \ as it is commonly used to escape other characters. Could you please review your code and let me know what your restrictions are.

[mario]

You're right about that it should be me giving precise specifications about what works and what doesn't. The problem is - I don't have enough test accounts to check every possible situation, and I think in the last few years I spent a lot of time working on this anyway. Finally, I got it to the point where it works for 99.9% of users - and focused on other issues that I have plenty of to take care of since I am running this show alone.

As for special characters in question... I don't think that noting what the characters are (just the special characters, not your entire password) is a security risk for any practical purpose; However feel free to email me, and I will provide you with a SSL form link you can use to send me a secure message.

[Gixen]