Vandaler did NOT hack the website.
However, he led me to believe he did. He said he used "some loophole" -- which I naturally figured was a SQL injection or some such security vulnerability in my message board software.
Oddly enough, the author DID find a vulnerability as a result of my e-mail to him! So perhaps this is for the best.
Anyhow, Vandaler never corrected me with something like "Just go into the Control Panel -- anyone can do it!" downplaying what he did. On the contrary, he insisted on deceiving me into thinking he was hacking my site via some clever loophole or vulnerability.
I have disabled the ability to "format your name" which I think is a stupid and useless ability. However you typed in your name the day you registered is now set in stone -- that includes spaces, capitals, etc.
Since I was going on bad information before, I'm going to correct it now by un-banning Vandaler and Erin is Nice.
Matthew