Announcement

Collapse
No announcement yet.

Private Messages security concerns & Server errors (?)

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Private Messages security concerns & Server errors (?)

    Two quick questions:

    (a) What's up with the server errors we seem to be getting around 13:00 Apolyton Time every day? Is the gamestats server dying? What does Dan say?

    (b) I'd like to know a bit more about the Private message feature. How does it know you're "logged in"? Does the server keep pinging my cookie (geez, that sounds like another eupherism ), or is there a between-posts time limit? Is the server set up well enough so that switching off your browser means the next user (on a multi-user computer) cannot access your private messages (like, for example, you have to retype your password if you start a new browser session)? Also, I noticed that the URL of the private messages access page actually displays your password. Is there no way to get rid of this? I don't want people peering over my shoulder to see my Apolyton password...

  • #2
    <center><table width=80%><tr><td><font color=000080 face="Verdana" size=2><font size="1">quote:
    <img src="/images/blue1.gif" width=100% height=1>
    </font>Two quick questions:
    <img src="/images/blue1.gif" width=100% height=1></font></td></tr></table></center>not exactly two, but anyway...
    <center><table width=80%><tr><td><font color=000080 face="Verdana" size=2><font size="1">quote:
    <img src="/images/blue1.gif" width=100% height=1>
    </font>(a) What's up with the server errors
    <img src="/images/blue1.gif" width=100% height=1></font></td></tr></table></center>i have no info on what it is this time...
    <center><table width=80%><tr><td><font color=000080 face="Verdana" size=2><font size="1">quote:
    <img src="/images/blue1.gif" width=100% height=1>
    </font>How does it know you're "logged in"?
    <img src="/images/blue1.gif" width=100% height=1></font></td></tr></table></center>it reads the existing cookie with your username/password
    <center><table width=80%><tr><td><font color=000080 face="Verdana" size=2><font size="1">quote:
    <img src="/images/blue1.gif" width=100% height=1>
    </font>Is the server set up well enough so that switching off your browser means the next user (on a multi-user computer) cannot access your private messages (like, for example, you have to retype your password if you start a new browser session)?
    <img src="/images/blue1.gif" width=100% height=1></font></td></tr></table></center>if something like that happened, it would mean the end of the most handy feature: the browser remembering your username and password.
    if you're sharing a computer, either turn the preference to store your username/password or always clear the cookies(through preferences) before you leave the pc
    <center><table width=80%><tr><td><font color=000080 face="Verdana" size=2><font size="1">quote:
    <img src="/images/blue1.gif" width=100% height=1>
    </font>Also, I noticed that the URL of the private messages access page actually displays your password. Is there no way to get rid of this?
    <img src="/images/blue1.gif" width=100% height=1></font></td></tr></table></center>not at the moment. it would require a total re-writing of the pm script...
    <center><table width=80%><tr><td><font color=000080 face="Verdana" size=2><font size="1">quote:
    <img src="/images/blue1.gif" width=100% height=1>
    </font>I don't want people peering over my shoulder to see my Apolyton password...
    <img src="/images/blue1.gif" width=100% height=1></font></td></tr></table></center>one suggestion only: dont write such interesting messages...

    Comment


    • #3
      Would it really need changing the whole script? I thought it would need only changing the input parsing system and the HTML form (from GET to POST, I mean...). Or at least I, as much as I have done CGI stuff, have the input parsing as one function and the other parts of the program as other functions.
      This is Shireroth, and Giant Squid will brutally murder me if I ever remove this link from my signature | In the end it won't be love that saves us, it will be mathematics | So many people have this concept of God the Avenger. I see God as the ultimate sense of humor -- SlowwHand

      Comment

      Working...
      X