Oh, sorry then, the link i found was for 1.3 (the version i'm running)
And good you solved it, keep the good work up
You are not logged in. Please login or register.
PunBB Forums → Posts by RNilsson
Oh, sorry then, the link i found was for 1.3 (the version i'm running)
And good you solved it, keep the good work up
I'm constructin a user-login-system that will contain both sessions (for carrying info between pages) and cookies (to allow a user to remeber login).
Now, since i'm gonna use both, i want to authenticate the user if a cookie is present, and redirect to a loginpage if cookie is not valid.
I want to use sessions to "remember" the authenticated user, so i don't have to verify the user on each page-view, but rather compare a session-value with some value in the cookie, and as long as they are in agreement, another authentication against db does not occur.
The sessions will also remember login-status for the duration of the visit if the visitor doesn't want to store a cookie on the computer (The stupid swedish law)
I pretty much will have these functions to do the work for me:
requireMemberStatus - For pages that require member-status or above.
requireAdminStatus - For pages that require admin-status and not available for regular members.
setSessionHandler - First time the session is set with info
updateSessionHandler - The session gets updated with info
destroySessionHandler - When the user logs out (ie, from a public pc for instance)
setCookieHandler - Create the cookie if the user wants to
updateCookieHandler - Update expiretime and session-info on each "verify"
destroyCookieHandler - nuke the cookie
doLogin - Verify the user against the db
doVerify - Validates the cookie and updates the session and cookie
doLogout - Clear up everything...
checkStatus - Checks to see if the user is authenticated, member or admin (return 0, 1, 2)
Now to my problem...
I'm not entierly sure how to make this work as i haven't worked with cookies before and don't quite know how to make a secure varify/auth of the cookie...
Also, what happens with the cookie-authentication/validity if the user is changing computer regulary, like home-machine/work-machine and gets new sessionid's etc between visits?
Ideas, comments etc is welcome...
Which apache version are you running?
You will want to have a look at this: http://httpd.apache.org/docs/mod/core.h … equestbody
Probably, but it was suggested and i'm just giving my input
If it's featurized (is there such a word?) make it a default 'off' option that admin can flip on so it wont put punbb.org into a sinkhole.
And the versionscheck could ust be a file, ie: current-version.php, that only returns a string like '1.0.1' and compare with the current board version that 'calls home'...
Maybe check one a week, and add a field 'last_checked' in the options-table and just have code in the admin-area compare time() > last_check+(1week in seconds) and display some orange 24px flashing text saying a new version gets out (no popup and then also store the new version in the options-table and update that field when the new board is installed and make the text go away?
I saw that in a previous post now *must get glasses *
I'm using Postgres on my own host (i actually just couldn't get mysql installed properly, so i went with pg istead
The only thing i can think of is if there's some restrictions in privileges or something, otherwise i don't have any suggestions other then to try reinstall.
Do you know what version mysql you have?
No, but then it would be easy to add it to make the thread an announcement if that becomes a feature in the future...
And besides, it was just a suggestion
Don't know if it's been suggested so far, but how about a little checkbox to make the thread sticky when it's being created?
If you're mod or admin for the forum that is...
I see that it is possible to have more then one forum sharing db as per this link: http://punbb.org/stuff/edited_by.png
Unless ofcourse you copied the db as well, Kennel
Frank H wrote:
hmm... wouldn't it be possible that one cookie isn't recognized by the other server, thus screwing up the last post, last online and such?
As you wannot fix that in the admin-options, and you cannot get the cookie from the other server from the browser either ... or is there a way to do this?
Not neccessarly (spelling) since the cookie is client-based, and as long as the servers are in time-sync.
You only visit one server at the time.
ophidian wrote:
i don't think that would be a problem. you'd just have to use the same sql database i think. But why would you want to do this? you could just link to the same forum...
I can't link to the same forum if they are on two different ip's shared by one dns-name.
Heh, sorry to pour some rain on the parade
Maybe do a check if is_dir(/proc) and if file_exists(loadavg) in /proc otherwise use the uptime?
My idea was to have one userbase (one use one installation and post-db), and a primary and backup forumlocation.
maybe forum.xx.com and forum1.xx.com that points to different servrs.
Anyway, i was just curious if it would work, and i'll do some testing in the week to see if there's any think to consider other then keeping the main config the same...
Theoretical scenario:
I have two webbservers in a round-robin-dns configuration.
I have one database-server
I set up forum.dom.com to bounce of 192.168.1.1 & 192.168.1.2 for loadbalance and failsafe
Can i have the same forum on two hosts sharing the one database?
Mainserver on 192.168.1.1 is replicating it's www-dir's to 192.168.1.2 so identical copys are present.
Is this possible if a shared networkstorage is not present?
Grasping deep theory here...hey, what else is there to do in 5:45 in the morning =/
I noticed in the changelog that you changed to /proc/loadavg instead of the uptime-program and i just wanted to check if you verify if the fil exist, and if it does not you have a "plan b" to use?
Here's my listing of /:
storage01# ls -al /
total 6164
drwxr-xr-x 15 root wheel 512 Aug 14 11:07 .
drwxr-xr-x 15 root wheel 512 Aug 14 11:07 ..
-rw-r--r-- 2 root wheel 1080 Feb 4 2003 .cshrc
-rw-r--r-- 1 root wheel 0 Oct 12 2002 .exists
drwxr-xr-x 2 root wheel 512 Sep 8 2002 altroot
drwxr-xr-x 2 root wheel 512 Sep 8 2002 bin
-r-------- 1 root wheel 40448 Oct 9 2002 boot
drwxr-xr-x 4 root wheel 26112 Oct 9 2002 dev
drwxr-xr-x 17 root wheel 2048 Aug 14 11:56 etc
drwxr-xr-x 5 root wheel 512 May 20 01:22 home
drwxr-xr-x 2 root wheel 512 Oct 9 2002 kern
drwxr-xr-x 2 root wheel 512 Sep 8 2002 mnt
-rwxr-xr-x 1 root wheel 6214088 Aug 13 17:02 netbsd
drwxr-xr-x 5 root wheel 512 Feb 4 2003 root
drwxr-xr-x 2 root wheel 2048 Sep 8 2002 sbin
drwxr-xr-x 2 root wheel 512 Sep 8 2002 stand
lrwxr-xr-x 1 root wheel 11 Sep 8 2002 sys -> usr/src/sys
drwxrwxrwt 2 root wheel 512 Sep 1 03:23 tmp
drwxr-xr-x 19 root wheel 512 Aug 13 15:41 usr
drwxr-xr-x 24 root wheel 512 Aug 12 16:46 var
storage01#
And my enviroment is NetBSD 1.6:
Unix load averages 2.05 1.79 1.69 - 1 users online
Environment PHP 4.2.3
PostgreSQL 7.3.3 on i386--netbsdelf, compiled by GCC 2.95.3
Anything else you would like to know about my system, just holler...
Oh, i've turned into a mindreader these days
I noticed in the TODO that a mailform is in the works and don't remember if it's been discussed before, anyway, here's a suggestion:
Put the mailform link where you have the 'E-Mail' link below each post, that way it's easy to send a quick mail to the user in question if it's related to the post etc.
And in the user's profile-page a link with the users email can be printed out is he/she/it want's to show the mailaddy, as well as a link to the mailform if the sender doesn't feel like opening the mailprogram of it's choice.
Making any sense?
Heh, what Kennel said
No, really.
Here http://fh.nonet.org/fh/ [site under development] i just installed a shoutbox in the lower-left box.
It didn't fit "out-of-the-box" and now, after a few hours of tweaking, src-hacking and styling, it looks pretty good (oh, yeah, IE is a pain in the butt) but imagine how long time it would take to try and hack a -large- "whole" package into an existing layout.
The shoutbox is basiclly an iframe in an iframe...
I usually make my own script to be modulus so you just can "object" them into place
Yes i could have, but the problem with there are they don't easily fit into the existing sitedesign.
I'm writing my scripts to be extremely configurable with mostly an object-driven output mechanism that allows you to place, let's say the next 5 booked matches in a small sidebar blow you menu for instance, iwthout the requirements to use the full packages own pages etc.
Of course i will have a webbased administration, but with the option to print each section out in your own page where you want it...
Plus i learn something new, something i havent done yet...
Ok.
If the scripts are released at somepoint, they will be fully available (they're php-script, doh! ...
It's some hybrid clan/squad match booking/calendar-thing-stuffy project
I've started to go through the source and i'm really impressed.
So before i got around to do some source/functinos borrowing i'd ust ask your persmission...
A few functions, like the one for redirecting is just brilliant, and i'm thinking of using the code in my own projects (with a copynotic to pun of course) but since it's not gonna be a public scripts of that kind i wonder what the gpl sez about it.
Thoughts, comments on my Q?
PunBB Forums → Posts by RNilsson
Powered by PunBB, supported by Informer Technologies, Inc.