| Re: Coding Help |
| by Kiwi_Chris on 2009/7/7 3:27:03 Hi all, Yes what ghia said is correct, if the user is able to make a comment in there profile on the game website that proves they have access to it. This is all I am trying to verify, so any random code would do, and as long as its in there profile page (game site side) this proves they have control over this account. this is enough for me then to put next to that members realname AKA, character name, "Verified Owner". I do not want this to be another way for them to register or be authenticated, just to verify they are who they say they are. |
| Re: Coding Help |
| by ghia on 2009/7/6 22:06:42 Quote: since anyone could find it on the game website Quote: We ask user to provide username and password from the other site. Curl might be an option to do the verification, if the required game site URl can be 'calculated'. |
| Re: Coding Help |
| by trabis on 2009/7/6 17:58:46 Jegelstaff, the code being visible is not an issue has long has we give user a private key. $serial = md5('somethingwebmasteronlyknows' . $linktoprofile) $privatekey = md5('anotherthingwebmasteronlyknows' . $serial) Example, you can give the user a serial that he can paste it on his profile and provide him another key that he should keep private. After the user paste the serial on the site2 he can go back to site1 and introduce the link to his profile and the private key. This should be enough to authenticate the user. Another aproach is using CURL. We ask user to provide username and password from the other site. CURL would then try to login and check if credentials were correct. |
| Re: Coding Help |
| by jegelstaff on 2009/7/6 16:48:19 If the code on the game website is available without logging in, then it's a bad idea to base your account creation on the other website on verifying that code...since anyone could find it on the game website (ie: they don't have to login to see it). You want to do the authentication based on some piece of information that the user gives you, that is only available on the game website to them personally, after they have logged in there. Then you need to do some kind of web services call to the game website to verify this information against the game website's database. Since you're looking for a way to authenticate individual users, Registration Codes is not useful in this case. But it does sound like the exact situation openID is meant to handle. If you enable both sites to use openID, then basically people should be able to login to your website using the same login they use on the game website. Good luck, --Julian |
| Re: Coding Help |
| by Kiwi_Chris on 2009/7/5 9:02:22 that is one way to do it, I think I'll use that until i find out how to use php to do that job for me. Ideally though I need something that will do the work for me, as I already have 800+ members and i have around 3-5 new members per day, so doing something manually is not ideal. I thank all those that have commented here. I will keep Googling around in the hope I'll find the info I need. thx again all. |