Login | Forgot password | Register

X

What is OpenID?

OpenID is an Internet-wide identity system that allows you to sign in to many websites with a single account.

With OpenID, your ID becomes a URL (e.g. http://username.myopenid.com/). You can get a free OpenID for example from myopenid.com.

For more information visit the official OpenID site.

Jump to:

17478 Posts in 4473 Topics by 1972 members

Archive

SilverStripe Forums » Archive » Member to rememeber

Our old forums are still available as a read-only archive.

Page: 1	Go to End
Author	Topic: Member to rememeber	875 Views

xmedeko

Community Member
94 posts

Member to rememeber

26 August 2007 at 10:02am Last edited: 26 August 2007 10:16am

Hi,
when the Member is remembered in the browser, the cookie is set in Member:: autoLogin(). This cookie is encoded email and password.
The cookies are unsafe in general, but a little better option is to put some random hash into the cookie, because user's tends to make the same password for more accounts. The cookie can be a pair email:hash, and then the hash need not to be necessary unique.
Markus

Google Summer of Code Hacker
152 posts

Re: Member to rememeber

27 August 2007 at 2:00am

That's true.. I fixed this already in the GSoC branch a while ago.. I think this branch will go into the 2.1 version.

		875 Views
Page: 1	Go to Top

Currently Online: Euphemismus, dendeffe

Welcome to our latest member: GreenWork

SilverStripe 2.4 beta release brings hierarchical URLs, SQL Server support, and much more

We're extremely excited to announce SilverStripe v2.4 is now at beta release stage!

Read on

Quick links

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.