Mail Index
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [ApacheGallery] Proposal for an admin site
On Thu, Mar 07, 2002 at 04:03:05PM -0500, Paul Vallee wrote:
> Hello everyone,
>
> I'm having trouble accessing the cvs repository (no doubt my own lame fault,
> but there you have it!). So instead of stalling any longer, here's the diff
> patch and the new copy of Gallery.pm, attached.
You're using ssh right? Tried doing it from the machine the repository is
on?
> If any of you have cvs access and are willing, please go ahead and upload
> it. Michael has already given me permission to bang it in before an intense
> QA, I guess his feeling is that problems can be fixed afterwards.
As long as we don't release any untested code it should be fine, that is what
-dev is for anyway ;)
> This implements authentication, rotation and the editing of annotation files
> on the server.
> Feedback welcomed and appreciated, and cheers!
From looking at the code I just have one tiny question, why don't we
build the form with help of CGI::FastTemplate so we don't hardcode it
into the program? (This is not a requirement from my side and could
always be implemented later). And for the MD5 part:
The "MD5" module is depreciated. Use "Digest::MD5" instead. (perldoc MD5)
(and using the hexhash method instead of using unpack to convert it to
hex might be a good idea too). Should we furthermore let the user set a
secret so it's gonna be even harder breaking the "encryption" of the
cookie. Like:
MD5->hexhash('USERDEFINEDSECRET' . MD5->hexhash($password));
> Paul (30 years old today!)
Congrats!
Thomas (1 year wedding anniversary today!)
--
Thomas Eibner <http://thomas.eibner.dk/> DnsZone <http://dnszone.org/>
mod_pointer <http://stderr.net/mod_pointer> <http://photos.eibner.dk/>
!(C)<http://copywrong.dk/> <http://apachegallery.dk/>
Putting the HEST in .COM <http://www.hestdesign.com/>
---------------------------------------------------------------------
Apache::Gallery users mailinglist. http://apachegallery.dk/
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx