Agreed. Worse still, the username can end with a "|". This shows that tainting mode is useful.