Disallow single non-alphanumeric characters in checkout name fields

[arraypress]

Bug Report

Expected behavior

There should be better validation on the checkout fields to prevent against customers using non-alphanumeric characters in the first/last name fields. This causes confusion when managing your customers, specifically if a lot of people "spam" and use these types of characters, which in turn creates users with similar names.

I believe a minimum of 2-3 characters should be a requirement in the first/last name fields.

Actual behavior

Non alphanumeric entry is allowed and the checkout will complete.

Steps to reproduce the behavior

1. Add a product to the cart.
2. Go to the checkout, enter a character like a full stop (or comma) in the first name field and a normal email address.
3. Checkout is completed and allowed.

Information (if a specific version is affected):

PHP Version: 7.2

EDD Version (or branch): 2.91

WordPress Version: 4.95

[arraypress]

For reference, here is a screenshot:

[cklosowski]

We still need to support characters like . , - etc. These are all characters commonly used in names and companies. However we should verify some alpha numeric characters exist.

There is a possibility that someone simply only wants to include an Initial which could be a single character.

With GDPR coming up I think I don't want a minimum number set, 1 is fine and good enough to complete a purchase, but I do think we should require that at least one alphanumeric character exists. Thoughts @easydigitaldownloads/core-team ?

[SeanTOSCD]

I agree that at least some alphanumeric should be required. I also agree that we shouldn't set a minimum. I think your suggested approach is a happy (and logical) medium.

[JJJ]

I do not think we should limit what types or kinds of names are allowed.

Prince was a symbol for a while. When someone’s name is “❤️“ we should be OK with that.

I know folks who have 2 letter names, and I know for a fact they buy stuff online.

I’m reluctant to add any rules to these fields.

[JJJ]

(Cue the Bobby DROP TABLES xkcd.)

[arraypress]

@JJJ I believe those to be edge cases and for the majority of stores, having at least a single alphanumeric character should be the accepted norm. With that said, making it filterable is definitely an option for people who do not want to impose this type of restriction.

[cklosowski]

I would actually go the opposite route, and just make it 'opt-in' restricted. This could potentially be damaging to a store's revenue if we make the purchase process more difficult, and as such, since current behavior exists, we would need an opt-in way to enforce this.