Mail Index


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ApacheGallery] Proposal for an admin site



On Thu, Mar 07, 2002 at 04:03:05PM -0500, Paul Vallee wrote:
> Hello everyone,
> 
> I'm having trouble accessing the cvs repository (no doubt my own lame fault,
> but there you have it!). So instead of stalling any longer, here's the diff
> patch and the new copy of Gallery.pm, attached.

You're using ssh right? Tried doing it from the machine the repository is
on?

> If any of you have cvs access and are willing, please go ahead and upload
> it. Michael has already given me permission to bang it in before an intense
> QA, I guess his feeling is that problems can be fixed afterwards.

As long as we don't release any untested code it should be fine, that is what
-dev is for anyway ;)

> This implements authentication, rotation and the editing of annotation files
> on the server.
> Feedback welcomed and appreciated, and cheers!

From looking at the code I just have one tiny question, why don't we
build the form with help of CGI::FastTemplate so we don't hardcode it
into the program? (This is not a requirement from my side and could
always be implemented later). And for the MD5 part:

The "MD5" module is depreciated.  Use "Digest::MD5" instead. (perldoc MD5)

(and using the hexhash method instead of using unpack to convert it to
hex might be a good idea too). Should we furthermore let the user set a
secret so it's gonna be even harder breaking the "encryption" of the
cookie. Like:
MD5->hexhash('USERDEFINEDSECRET' . MD5->hexhash($password));

> Paul (30 years old today!)

Congrats!

Thomas (1 year wedding anniversary today!)

-- 
  Thomas Eibner <http://thomas.eibner.dk/> DnsZone <http://dnszone.org/>
  mod_pointer <http://stderr.net/mod_pointer> <http://photos.eibner.dk/>
  !(C)<http://copywrong.dk/>                  <http://apachegallery.dk/>
          Putting the HEST in .COM <http://www.hestdesign.com/>

---------------------------------------------------------------------
Apache::Gallery users mailinglist. http://apachegallery.dk/
To unsubscribe, e-mail: [email protected]