Jump to:

17488 Posts in 4473 Topics by 1978 members

Archive

SilverStripe Forums » Archive » Member to rememeber

Our old forums are still available as a read-only archive.

Moderators: martimiz, Howard, Sean, Ryan M., biapar, Willr, Ingo, simon_w

Page: 1	Go to End
Author	Topic:	1322 Views

xmedeko

Community Member
94 Posts

Member to rememeber

26 August 2007 at 10:02am Last edited: 26 August 2007 10:16am

Hi,
when the Member is remembered in the browser, the cookie is set in Member:: autoLogin(). This cookie is encoded email and password.
The cookies are unsafe in general, but a little better option is to put some random hash into the cookie, because user's tends to make the same password for more accounts. The cookie can be a pair email:hash, and then the hash need not to be necessary unique.
Markus

Google Summer of Code Hacker
152 Posts

Re: Member to rememeber

27 August 2007 at 2:00am

That's true.. I fixed this already in the GSoC branch a while ago.. I think this branch will go into the 2.1 version.

		1322 Views
Page: 1	Go to Top

Rapid Prototyping with SilverStripe & Foundation

Guest blogger Ryan Wachtl is an independent US-based web developer and information architect with a passion for the art of programming and the science of design. He has been building sites with SilverStripe since the early 2.2 release and organizes the Read on

Follow @SilverStripe

Quick links

Ask questions in our Forums

Learn all about our CMS

Download SilverStripe

Try SilverStripe yourself in our online demo

Get inspired. See our Community Showcase

Learn all about the SilverStripe Framework

See all the free support options we offer

Stay up to date with our SilverStripe Newsletter

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.

Privacy Policy