Jump to:

17452 Posts in 4473 Topics by 1971 members

Archive

SilverStripe Forums » Archive » Member to rememeber

Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, biapar, Willr, Ingo, simon_w

Page: 1
Go to End
Author Topic: 1392 Views
  • xmedeko
    Avatar
    Community Member
    94 Posts

    Member to rememeber Link to this post

    Hi,
    when the Member is remembered in the browser, the cookie is set in Member:: autoLogin(). This cookie is encoded email and password.

    The cookies are unsafe in general, but a little better option is to put some random hash into the cookie, because user's tends to make the same password for more accounts. The cookie can be a pair email:hash, and then the hash need not to be necessary unique.

  • Markus
    Avatar
    Google Summer of Code Hacker
    152 Posts

    Re: Member to rememeber Link to this post

    That's true.. I fixed this already in the GSoC branch a while ago.. I think this branch will go into the 2.1 version.

    1392 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.