[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security bug fix -- Ready for test
|
From: |
Davi Leal |
|
Subject: |
Re: Security bug fix -- Ready for test |
|
Date: |
Fri, 4 May 2007 01:34:46 +0200 |
|
User-agent: |
KMail/1.9.5 |
Close the tasks:
https://savannah.nongnu.org/task/index.php?6786
https://savannah.nongnu.org/task/index.php?6779
As usual, let me know if you see any mistake.
The control logic is complex. I am not going to write it here. It is hard to
understand even reading the source code. Just some tips:
* Added 'Expire' data base fields to control the 'Magic' fields.
* To avoid Spam, instead of using TimeStamp fields, the webapp is
using boolean Email fields.
If the user is suffering Spam, instead of set a limit using a
TimeStamp fields, it is better she block it altogether setting
the boolean flags.
The AntiSpam control is disabled by default. It can be activated
by a user modifying the value of the boolean data base fields.
I am not going to develop the GUI which would allow the user to
configure these options of her account due I think it is not
a problem up to we have Spam problems, and I have other tasks
more important to do now.
As I am not a English native man, I am not sure if the below sentences, used
by the sent emails, are right:
----------------------------------------------------------
GNU Herds: Activate account
Your email has been used to create an account at GNU Herds.
To activate it follow the below link. That link will expire in 24 hours:
https://gnuherds.org/Person.php?action=register&address@hidden&magic=3dce447bab08b24d9b012604a51ac6ed
If you have not asked for this new account, ignore this email.
Note: To avoid 'Spam' you can only get this email at the most once each 48
hours. If this email is Spam for you, please let it knows to association AT
gnuherds.org
----------------------------------------------------------
GNU Herds: Lost password?
An attempt was made to activate/register a new GNU Herds account with this
email address. However, you have already an active account! Follow the below
link to get your lost password if it is needed:
https://gnuherds.org/Lost_Password.php
If you have not asked for this new account, someone else has asked for it with
your email!
----------------------------------------------------------
GNU Herds: Lost password?
For security reasons, GNU Herds does not send passwords by electronic mail.
To get your new password follow the below link. That link will expire in 30
minutes:
https://gnuherds.org/address@hidden&magic=8abef94bc9492baebbfce6af5de9964f
If you have not asked for a new password, ignore it and your password will not
be changed.
----------------------------------------------------------
GNU Herds: Change account's email
To change your GNU Herds account's email, first log in and then follow the
below link. That link will expire in 7 days:
https://gnuherds.org/address@hidden&magic=d497ef25c2223b61c04b35f9f1f17782
If you have not asked for it, just ignore this email.
----------------------------------------------------------
Not committed yet:
M Layer-0__Site_entry_point/templates/Company_form.tpl
M Layer-0__Site_entry_point/templates/Person_form.tpl
M Layer-0__Site_entry_point/templates/non-profit_Organization_form.tpl
M Layer-2__Business_logic/content/forms/Company_form.php
M Layer-2__Business_logic/content/forms/Person_form.php
M Layer-2__Business_logic/content/forms/non-profit_Organization_form.php
M Layer-2__Business_logic/content/forms/Lost_Password_form.php
M Layer-4__DBManager_etc/DB_Manager.php
M Layer-5__DB_operation/Entity.php
M Layer-0__Site_entry_point/doc/GNUHerds__SQL_Implementation.psql
--
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: Security bug fix -- Ready for test,
Davi Leal <=