article

Action executed in 0.000

Minor Author Changes to TrickleUp

I've made some minor changes to TrickleUp. For those of you blinking, it's the software that runs my site. The change is to the author information of posts and it's really just aligning the author ascpect of posting for a much larger authentication change later.

Previously the comment forms had 3 fields: name, email, and website -- just like most blogs. Now on those blogs, i have a problem with how easy it is to impersonate somone. I doubt it would happen among my friends, but if TrickleUp ever entered widespread usage, some other people may appreciate that feature.

When someone entered their name, email, and website trio, TrickleUp would create an account in the database, and send a cookie to the user. This is great for new users, but most people posting to my site are returning users.

I realized this form is not the new user registration form, even if it was a form within a form. So the registration form is separate. The comment form always allows an anonymous posting. If you're logged in to my site you may also attribute your comment to yourself.

In terms of code, it's cleaner this way.

With all that cleared up, i can focus on the real work, SSL client authentication. Just think, if we each had an SSL certificate, we wouldn't need numerous passwords.

Comments

none yet

Post a Comment

* indicates a required field
anonymous (If you want to identify yourself, please sign in first.)
required This field is required.

Max size is 2 MB, aspect ratio 3:4 width:height
required This field is required.
Please include a short description.
required This field is required.

480 characters remaining.
is public

(Use this field if you have to. 3000 characters remaining.)
2 quarters, 1 penny, 1 dime, 2 nickels + 100

Trackback URL

http://derocher.org/~brian//trackback.php?ParentId=2151

form