Re: Adding a Remember Me on this very site

Also another nod towards a developer who I think deserves it (GiJoe)

Report
Topic | Forum


Re: Adding a Remember Me on this very site

Quote:


Vaughan wrote:
in admin we could do with a function that will instantly flush the session table and basicly destroy all current valid sessions without the need for going into the db manually, or changing the session name.



A very good idea.

On the same note - as I've sometimes still seen the XOOPS bug where themes are not refreshed immediately - how about something like James's "delete template_c" routine being added near this - which we use here, to effect immediate changes?

(Something that will remove all contents from cache, template c, and similar folders - except for the ususal index.html of course)

Report
Topic | Forum


Re: ImpressCMS Theme

I think I understand what you are saying about the smarty logic and it makes sense. After looking at the lines for several hours, I went cross eyed because they all looked similar. I wouldn't be surprised if I missed a couple scenarios.

BTW... Thanks Dave for helping me with the empty() function in Smarty!

I hope, when we are done with this thing, that the logic could possibly be integrated into the core somehow. For instance, a drop-down box to select the column quantity.

If 3 Col -> div id = col1, col2, col2
#col1 {width:33%}
#col2 {width:33%}
#col3 {width:33%}

Then just write the setting to blocks.html and blocks.css.

By using the left float technique, we can do this rather easily without breaking things provided the block width is consistent.

Oh, sorry, back on track.... Damn ADHD!

I'll get back to work on this. Thanks!

JMorris (aka James Morris)
ImpressCMS Professional Services: INBOX International inc.
James Morris Online | Frolicking on the playground that is the Internet...
Report
Topic | Forum


Re: Adding a Remember Me on this very site

Sounds like a reasonable compromise.

JMorris (aka James Morris)
ImpressCMS Professional Services: INBOX International inc.
James Morris Online | Frolicking on the playground that is the Internet...
Report
Topic | Forum


Re: Ohloh: the open source network

Steve, login to your Ohloh account and then go here :http://www.ohloh.net/projects/10042/contributors/50460

Click on the "I am this person" link on the oper right.

And everyone else, please do the same

Let me know if you have any issue !

Marc-André Lanciault
Founder and CEO INBOX International inc.
Co-Founder ImpressCMS
Report
Topic | Forum


Re: Ohloh: the open source network

I see that Ohloh is headquartered in Bellevue, WA. There's not some sinister connection with Microsoft, is there? (Microsoft is about five miles from Bellevue.)

Report
Topic | Forum


Re: Ohloh: the open source network

I am this person - http://www.ohloh.net/accounts/12188

Christian Web Resources
Facebook
Report
Topic | Forum


Re: Adding a Remember Me on this very site

So can we agree on this: put Gijoe's remember me feature in the core, controlled by a preference, turned Off by default.

Marc-André Lanciault
Founder and CEO INBOX International inc.
Co-Founder ImpressCMS
Report
Topic | Forum


Re: Ohloh: the open source network

Ok Ohloh have updated our project (they update projects about once a week), so now, I am not the only developer, yƩ !!!

http://www.ohloh.net/projects/10042/analyses/latest/contributors

Can I ask the people who have committed in our SVN to go on the previous link, click on your name and then on "I am this person" link on the upper right so Ohloh can associate your SF username with your Ohloh account (of course, if you don't yet have an Ohloh account, please creat one first).

Also, in your profile, please edit your physical location so the map can show the physical location of all ImpressCMS developer.

I know all this may sound not usefull, but I believe this is important from a marketing's perspective. It is important to show the project does not rely on only 1 developer, and that contributors are spread all around the world.

Thanks for your collaboartion on that matter !

Marc-André Lanciault
Founder and CEO INBOX International inc.
Co-Founder ImpressCMS
Report
Topic | Forum


Re: Adding a Remember Me on this very site

agreed with james & dave's points.

we just need to weigh up the convenience vs potential risks involved and agree to them either way.

which brings me to another feature request i think would be useful.

in admin we could do with a function that will instantly flush the session table and basicly destroy all current valid sessions without the need for going into the db manually, or changing the session name.

Live as if you were to die tomorrow, Learn as if you were to live forever

The beauty of a living thing is not the atoms that go into it, but the way those atoms are put together!
Report
Topic | Forum


Re: Adding a Remember Me on this very site

It is a potential security risk. One reason is using the feature on a shared computer, and neglecting to log out. Another reason is that it makes it easier for an attacker to gain access by hijacking an existing active session.

For these reasons, it should be disabled by default, and the setting in the admin page should have a note explaining the risk.

But it's also a very convenient feature. I think that the individual webmaster should have the choice of whether to use the feature for his site.

Report
Topic | Forum


Re: ImpressCMS Theme

Yeah, it's still rough. My brain is mush right now. I'll have to take a look at it tomorrow. Thanks!

JMorris (aka James Morris)
ImpressCMS Professional Services: INBOX International inc.
James Morris Online | Frolicking on the playground that is the Internet...
Report
Topic | Forum


Re: Welcome Kurak !

Welcome!

Christian Web Resources
Facebook
Report
Topic | Forum


Re: Modules

I agree and disagree on this one.

I think there should be some form of content management that is native to the core. Perhaps a "page" functionality with native WYSIWYG. Also a set of classes that enable you to output a ordered listed of recent pages in either templates or blocks.

If we are going more in the direction of Community Management Software, then I don't think modules should be bundled with the core. Core devs could still work on Mod dev teams, take Marcan for instance, but I don't think modules should be packaged with the core.

Now, if it is decided we move more towards true Content Management, then I would retract the above statement about bundling modules. Provided the modules bundled pertained to content management. (news, document management, blog, etc).

JMorris (aka James Morris)
ImpressCMS Professional Services: INBOX International inc.
James Morris Online | Frolicking on the playground that is the Internet...
Report
Topic | Forum


Re: Adding a Remember Me on this very site

Any "feature" that introduces a potential security risk that only provides functionality that can easily be replicated with one mouse click in a browser is a "feature" that has too high of a risk to justify its usefulness IMHO. But then again, I am p@r@n0!d.

JMorris (aka James Morris)
ImpressCMS Professional Services: INBOX International inc.
James Morris Online | Frolicking on the playground that is the Internet...
Report
Topic | Forum


Re: Adding a Remember Me on this very site

james, i understand some of the security ramifications of 'remember me', but i honestly don't think it's as big an issue as all the other exploits and vulnerabilities that crackers/hackers & script kiddies use to gain access.

I haven't seen or heard of any sites being hacked where the entry point was via the remember me hack.. most of what i have come across have been some kind of SQLi or input validation methods, or files placed on the server through various methods.

but of course it's open to discussion :)

Live as if you were to die tomorrow, Learn as if you were to live forever

The beauty of a living thing is not the atoms that go into it, but the way those atoms are put together!
Report
Topic | Forum


Re: usage of rel="external nofollow"

rel="nofollow" will be interpreted by Google as a paid link. Also, rel=nofollow does not pass PR.

See: Use rel=nofollow Only When Needed for my views on rel=nofollow

rel=external is a different story. I know there is the relationship defined by the XFN and microformats, but we need to also look at the SEO implications.

JMorris (aka James Morris)
ImpressCMS Professional Services: INBOX International inc.
James Morris Online | Frolicking on the playground that is the Internet...
Report
Topic | Forum


Re: Adding a Remember Me on this very site

-1 For security reasons.

JMorris (aka James Morris)
ImpressCMS Professional Services: INBOX International inc.
James Morris Online | Frolicking on the playground that is the Internet...
Report
Topic | Forum


Re: Remember me

Since it's a potential security risk, I think it should be "off" by default.

Report
Topic | Forum


Re: Remember me

Yeah, webmaster should be able to turn it on-off using some config parameter. Let me evaluate the implementation part. I've a feeling that it may become a big change running across core and modules.

Thanks,

Report
Topic | Forum



 Top