Login | Register
My pages Projects Community openCollabNet
Project highlights: Stable Version: 1.6.1, Development Version: 1.7.6

Reply to message

* = Required fields
* Subject
* Body
Send reply to
Author (directly in email)
Please type the letters in the image above.

Original message

Author theslack
Full name Jack Neely
Date 2006-08-30 07:09:15 PDT
Message On 8/30/06, Pauline Middelink <middelink at polyware dot nl> wrote:
> Hi Jack,
> Wow, taken by suprise by the login changes. Slightly not
> happy about the change in passwd crypting, since my existing
> userbase now has a problem :(

I figured you'd say something. :-)

> But no worries, I switched to XML_RPC to login and get a
> session id, with which I can't do anything with (yet)
> Attached some minor fixes to get the session stuff working.
> The changes in the tables already include my queueing stuff, but
> more essential is the change in SESSIONS.sid, since a sha digest
> is 40 chars wide, not 32. It took a while to see why my website
> could not login.

Oops..yeah the session code was originally written a few years back
with MD5 was all the rage. Now that MD5 hashes are easily brute
forced... :-)

> Could not get the self.__load to work in SessionUser.login, so
> I put the code right in. (all 2 lines)

You think I test things before I commit them! Methods with 2
underscores are considered private and python mangles the name. I
just made it unprivate.

> Oh, and very important, when the session is ok, lets save it...


> I noticed there is no deletion of expired sessions, nor checking
> if the session is expired? We might want to do that before the
> SESSIONS table explodes :)

The sessions are cleaned everytime save() is called.

> (when this is added the svn, I will sent the hardware/queue stuff,
> it works and might help other ppl to fill their hardware/installed
> tables)
> PS. Not sure about the table name, PROFILE_QUEUE or just QUEUE?
> PROFILE_QUEUE indicates neatly it belongs to PROFILE, but
> HARDWARE and INSTALLED should be changed too than.

*shrug* I'd go for QUEUE. I've used ACTIONQUEUE in stateengine, and
there's code there that implements multiple queues (one per client) in


> Met vriendelijke groet,
> Pauline Middelink
> --
> GPG Key fingerprint = 2D5B 87A7 DDA6 0378 5DEA BD3B 9A50 B416 E2D0 C3C2
> For more details look at my website http://www.polyware.​nl/~middelink