Quote:
Originally posted by Bill
Ahh, yes, now I remember, phplinks puts these ungodly huge php session IDs on everything that it does...
And that is, as far as I'm concerned, unacceptable for general adult use.
If that session ID thing can't be stripped out, then phplinks is probably useless as a core of an open source adult linking system. But it may not critical to function, so maybe it _can_ be ripped out.
That password thing that let's you modify entries is clearly one of the first things that has to be ripped out. We don't want submitters to be able to modify anything.
|
I've been insanely busy at the office lately and on top of that, I caught a damn cold (in summer!!!).
Here goes :
Yes, the session ID could indeed be stripped away. I'm not sure which version Useless Warrior installed but mine definitely didn't work without modifications to the code. A word of warning, by default, the admin section of phplinks has no protection by the way. (do a simple google search and you'll be able to access the admin panel on many)
Even if it would work, I wouldn't use it as a core for reasons I've stated before : a core is something that must be well-designed.
Entreri.
Note : If you want to look further into PHPLinks, this guy has branched the code and added a bunch of features (including recip checking) :
http://www.dew-code.com/modules/mydownloads/