Adding a Remember Me on this very site

Quick thing,

When this site becomes community.impresscms.org, would it be possible to add Gijoe's remember me feature? I think I have logged in here about 30 times today!

Thoughts



Re: Welcome Sudhaker !

  • 2007/12/10 13:18:30
  • herko

Sudhaker, isn't your specialty federated sign in? I would love to see your views on what the best pluggable and expandable login system would be for a new CMS like this one...

Herko

p.s. this is a 'welcome to the team' post of course

Tomorrow never comes until it's too late


Re: Auditing Code (security wise)

Quote:

I don't think queryf bypasses the text sanitizer; it just allows non-SELECT queries, such as UPDATE and INSERT, to be done when processing a GET request. But I agree that queryf should only be used in special situations when it's really needed.


Correct. XOOPS database factory automatically prevents UPDATE and DELETE queries from being used in a GET request. So if you absolutely need to use one of these queries in a GET request, then you would need to use queryF().

For example, updating the counter of an article when a user gets to the page would need a queryF as the user is not accessing the article via a POST request...

But indeed, queryF needs to be used with extra care. The concept behind it is that all queries that change the database need to be within a POST request.

Marc-André Lanciault
Founder and CEO INBOX International inc.
Co-Founder ImpressCMS
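
The GET/POST rule described in the post above, as an added example that is not part of the original thread and is not XOOPS or ImpressCMS code. The class `GetGuardedDb`, the `articles` table and the request values are hypothetical, and an in-memory SQLite database via PDO is assumed in place of the real database layer.

```php
<?php
// Added illustration: a stand-alone model of the rule, not the XOOPS source.
// GetGuardedDb, its method bodies and the articles table are hypothetical.
final class GetGuardedDb
{
    private PDO $pdo;
    private string $method;

    public function __construct(PDO $pdo, string $requestMethod)
    {
        $this->pdo = $pdo;
        $this->method = strtoupper($requestMethod);
    }

    // Normal path: outside a POST request only SELECT statements are run.
    public function query(string $sql)
    {
        if ($this->method !== 'POST' && !preg_match('/^\s*SELECT\b/i', $sql)) {
            return false; // write refused while processing a GET request
        }
        return $this->queryF($sql);
    }

    // Forced path: skips the request-method check and does nothing else.
    public function queryF(string $sql)
    {
        return $this->pdo->query($sql);
    }
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE articles (id INTEGER PRIMARY KEY, counter INTEGER)');
$pdo->exec('INSERT INTO articles VALUES (7, 0)');

// Constructed request: GET /article.php?id=7
$get = ['id' => '7'];            // constructed stand-in for $_GET
$db  = new GetGuardedDb($pdo, 'GET');
$id  = (int) $get['id'];         // the forced path validates nothing itself
$sql = "UPDATE articles SET counter = counter + 1 WHERE id = $id";

var_dump($db->query($sql) === false);   // was the guarded write refused?
$db->queryF($sql);                      // the counter update is forced through
echo $pdo->query('SELECT counter FROM articles WHERE id = 7')->fetchColumn(), "\n";
```

Run it with the PHP CLI (the pdo_sqlite extension is needed): the guarded call is refused and only the forced call increments the counter.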


Re: usage of rel="external nofollow"

  • 2007/12/10 13:16:22
  • herko

I'll look into this, as this is a webstandards issue. Thanks for providing the quick and easy solution at the start. It makes it easier.

Herko

Tomorrow never comes until it's too late


Re: Welcome Kurak !

welcome kurak :) hope you're ready to be impressed ;)

(excuse the pun) lol

Live as if you were to die tomorrow, Learn as if you were to live forever

The beauty of a living thing is not the atoms that go into it, but the way those atoms are put together!


Re: Welcome Sudhaker !

super, welcome sudhaker :)

Live as if you were to die tomorrow, Learn as if you were to live forever

The beauty of a living thing is not the atoms that go into it, but the way those atoms are put together!


usage of rel="external nofollow"

I added the js for allowing rel="external", rel="nofollow" & rel="external nofollow" in a href tags to the core earlier in reboot.

I think it would be ideal to replace all occurrences of target="_blank" in the core.

but (yeah there's always a but) lol

does anyone have any suggestions or advice on exactly which rel value to use in certain places?

for example:

rel="external" will act exactly like target="_blank" and open the link in a new window, web crawlers and search engine bots will also then follow that link and score it.

rel="nofollow" will open the link in the same window, but tells the crawlers and bots to not follow the link and/or score the link either.

rel="external nofollow" will do a combination of the above, the link will open in a new window but crawlers & bots are told not to follow/score the link/destination etc.

so where should each be used properly? when should a bot be told not to score the link/destination & when is it acceptable for the bot to score it?



Re: Auditing Code (security wise)

ahh yes you are right Dave :) i knew it was to do with the GET requests but wasn't 100% sure if it bypassed the sanitizer or not.. thinking about it now tho, i can't understand why i thought it would do as that would be nightmare for abuse.

Live as if you were to die tomorrow, Learn as if you were to live forever

The beauty of a living thing is not the atoms that go into it, but the way those atoms are put together!


Re: Auditing Code (security wise)

I don't think queryf bypasses the text sanitizer; it just allows non-SELECT queries, such as UPDATE and INSERT, to be done when processing a GET request. But I agree that queryf should only be used in special situations when it's really needed.



Re: Welcome Kurak !

These are not empty words: it is an honour to join such a good team.
1. Forgive me my English...
2. Ready to report bugs :P



Re: Auditing Code (security wise)

Quote:


Should we also review where queryf is used in key modules, as this is often misused by developers who want a quick way to access core tables.

Herko



yes, i think that should also be done as well being as queryF bypasses the text sanitizer etc. good point :)



Re: A proposition for a true opened development !

Marcan:

I guess it's worth a try as an experiment.



Modules

Hi,
I think that some modules should be in standard, like: news, forums, links, polls etc., and developed by core team.



Re: Welcome Kurak !

Welcome!

JMorris (aka James Morris)
ImpressCMS Professional Services: INBOX International inc.
James Morris Online | Frolicking on the playground that is the Internet...


Re: Welcome Sudhaker !

Welcome!

JMorris (aka James Morris)
ImpressCMS Professional Services: INBOX International inc.
James Morris Online | Frolicking on the playground that is the Internet...


Re: Hello ...

Welcome! Another *NIX person definitely needed!

JMorris (aka James Morris)
ImpressCMS Professional Services: INBOX International inc.
James Morris Online | Frolicking on the playground that is the Internet...


Friendly URLS

Whatever direction ImpressCMS will go, I'm pretty sure that friendly URL will be something we need.

Is there anyone here who would like to take on this task?



Re: Remember me

+1

Sudhaker, would you like to take on this task?

Marc-André Lanciault
Founder and CEO INBOX International inc.
Co-Founder ImpressCMS


Re: Hello ...

Thanks picia05!

Nice seeing you - and I must say, as I've said to Kurak, you have a very nice looking support site too!



Hello ...

Hello,
I would like to introduce myself because most people here don't know me. I'm co-webmaster and founder of Polish Xoops support. I've been with Xoops since 2002. I was a beta tester of version 2.0; lately I wasn't active in the Xoops.org world. I have some experience in CMS, graphics and Unix-like systems. I would like to help you with this project.