1
cwsaylor
Re: Event signup module
  • 2003/6/29 3:22

  • cwsaylor

  • Just popping in

  • Posts: 2

  • Since: 2003/3/19


I'm working on one for a LAN party. I should be done with it soon. The external portion is finished, now I just need to figure out how to do the admin stuff. It has multiple payment options, paypal and automatic marking of people paid. I'll post it here when I'm done.



2
cwsaylor
Re: remembering logins?
  • 2003/4/10 19:57

  • cwsaylor

  • Just popping in

  • Posts: 2

  • Since: 2003/3/19


Here's how I handle user authentication on my non XOOPS sites. When a user logs in, I write an md5 sum of microtime concatenated with a site specific secret string to the database entry for the user and to a cookie. This is guaranteed to be a unique key. When the user comes back, I use that key to look them up. No encrypting of any user info needs to be done so nothing to crack on the workstation. However, like any other cookie, they can be stolen if someone has access to their local machine.

I will be hacking this into XOOPS when version 1 comes out if they haven't already fixed it. All this talk about cookies being a lack of security is over rated. Almost every major site on the internet has an option to auto login users. With all of the other security holes in operating systems, cookies are the least of our problems.

Chris





TopTop



Login

Who's Online

50 user(s) are online (20 user(s) are browsing Support Forums)


Members: 0


Guests: 50


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Aug 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits