|
All that energy put in reaching the one-million mark for the sole sake of getting some easy up-voting on your articles. I think that you need a better strategy
~RaGE();
I think words like 'destiny' are a way of trying to find order where none exists. - Christian Graus
Entropy isn't what it used to.
|
|
|
|
|
Damn! Sussed...I must think again...
Those who fail to learn history are doomed to repeat it. --- George Santayana (December 16, 1863 – September 26, 1952)
Those who fail to clear history are doomed to explain it. --- OriginalGriff (February 24, 1959 – ∞)
|
|
|
|
|
OriginalGriff wrote: But that'd be evil, right? Because anyone who can't work that one out for himself is probably gonna do it...
Must...
...resist...
...keyboard...
Right.
The report of my death was an exaggeration - Mark Twain
Simply Elegant Designs JimmyRopes Designs
I'm on-line therefore I am.
JimmyRopes
|
|
|
|
|
Or make a log file with username and date and check if this user logged in with existing date in table prevent him from logging in else he is logging in for the first time then add the entry to the log table.
|
|
|
|
|
Well, that's hardly evil, is it? A dumb way to do it, yes. But not actually evil.
Those who fail to learn history are doomed to repeat it. --- George Santayana (December 16, 1863 – September 26, 1952)
Those who fail to clear history are doomed to explain it. --- OriginalGriff (February 24, 1959 – ∞)
|
|
|
|
|
Quote: "When a user logs in, change his password. Then email him the new one 24 hours later. But that'd be evil, right?"
Sure, it is evil. These solutions are quick and dirty. We can't really use them for production.
|
|
|
|
|
You can if you are an Evil Overlord, or a Klingon.
Those who fail to learn history are doomed to repeat it. --- George Santayana (December 16, 1863 – September 26, 1952)
Those who fail to clear history are doomed to explain it. --- OriginalGriff (February 24, 1959 – ∞)
|
|
|
|
|
True. I never knew about these thing
|
|
|
|
|
Time to learn.[^]
Those who fail to learn history are doomed to repeat it. --- George Santayana (December 16, 1863 – September 26, 1952)
Those who fail to clear history are doomed to explain it. --- OriginalGriff (February 24, 1959 – ∞)
|
|
|
|
|
It's really amazing Griff. You made my day
Thanks for sharing.
|
|
|
|
|
Why should you care how many times someone logs in. Restrict their actions when they try to do something that is not allowed.
The report of my death was an exaggeration - Mark Twain
Simply Elegant Designs JimmyRopes Designs
I'm on-line therefore I am.
JimmyRopes
|
|
|
|
|
I suspect it might be more of a requirement turning into a different one due to the limitations of the existing application. E. g. if the user is not allowed to do X more often than once a day, but the app only keeps track of that while he's logged in...
|
|
|
|
|
Stefan_Lang wrote: I suspect it might be more of a requirement turning into a different one due to the limitations of the existing application. E. g. if the user is not allowed to do X more often than once a day, but the app only keeps track of that while he's logged in...
I read this twice because I didn't understand what you were saying the first time. I still don't understand what you re trying to say.
Are you saying that when a person is logged out they can do something. Otherwise if they are logged in then you have control over how many times they perform an operation in a given period of time regardless of how many times they log in during that time period.
The report of my death was an exaggeration - Mark Twain
Simply Elegant Designs JimmyRopes Designs
I'm on-line therefore I am.
JimmyRopes
|
|
|
|
|
Sorry, I suspect german grammar doesn't translate well
I meant to say that there might have been an existing application, and the original application didn't support (well) the new requirement. So the developers decided to morph that requirement into a different one that would fulfil the original requirement, even though it would also prohibit legitimate use in some cases.
In this case, hypothetically speaking, the application might have supported tracking a user status, but not beyond a login session. Rather than change the tracking, the developers might have decided to add a rule to log in.
I was just trying to find a possible explanation for the odd requirement to only log in once a day.
|
|
|
|
|
Now I understand what you are trying to say, that they don't track user activity and may want to put in a quick and dirty hack into the login procedure to bar someone from performing an operation more than once in a day.
I don't think that will work because I could log in and not perform the operation, then log in a second time so I can perform the operation that I am allowed to perform once a day.
Login does not necessarily equate to performing the operation. The user must be tracked when they try to perform the operation, and either let to perform it or get rejected if they have performed it within the specified time period.
The report of my death was an exaggeration - Mark Twain
Simply Elegant Designs JimmyRopes Designs
I'm on-line therefore I am.
JimmyRopes
|
|
|
|
|
OriginalGriff wrote: And I am soooooo tempted to tell him "When a user logs in, change his password. Then email him the new one 24 hours later."
The sad reality is that if you do that, one day you'll probably log into some large/popular web site that'll do exactly that...and it'll be your own damned fault.
|
|
|
|
|
Ooo! Please? Can we get him to work for FarceBook and Twatter? Pretty please with sugar on?
Those who fail to learn history are doomed to repeat it. --- George Santayana (December 16, 1863 – September 26, 1952)
Those who fail to clear history are doomed to explain it. --- OriginalGriff (February 24, 1959 – ∞)
|
|
|
|
|
By the number of people texting and driving I thought people already stayed logged on 24x7.
|
|
|
|
|
Not if we get him to add Carlo's (CPallini) additional modification...:EvilLaughSmiley:
Those who fail to learn history are doomed to repeat it. --- George Santayana (December 16, 1863 – September 26, 1952)
Those who fail to clear history are doomed to explain it. --- OriginalGriff (February 24, 1959 – ∞)
|
|
|
|
|
I see. Destroy from within. I like the way you think.
|
|
|
|
|
Go for it, Griff. You know you want to... give in to it. Embrace your inner evil twin.
Will Rogers never met me.
|
|
|
|
|
I think you've earned the right to be a bit evil !
cheers, Bill
“I speak in a poem of the ancient food of heroes: humiliation, unhappiness, discord. Those things are given to us to transform, so that we may make from the miserable circumstances of our lives things that are eternal, or aspire to be so.” Jorge Luis Borges
|
|
|
|
|
OriginalGriff wrote: There's a QA question, wanting to know how he prevents his users from logging in more than once a day. How much control do you have over the login process?
For they systems I maintain, I'd just add a column to the table where we keep the user name and password (encrypted of course) to hold the last date of login and when validating the login request add a check to see if the last date is not the current date.
Sorry for not following the other posts by giving you a serious answer.
Psychosis at 10
Film at 11
Those who do not remember the past, are doomed to repeat it.
Those who do not remember the past, cannot build upon it.
|
|
|
|
|
It's not very evil - except for the encrypted passwords of course, that is indeed the work of Cthulhu. Encrypted passwords are a major security risk - they should be hashed instead.
Those who fail to learn history are doomed to repeat it. --- George Santayana (December 16, 1863 – September 26, 1952)
Those who fail to clear history are doomed to explain it. --- OriginalGriff (February 24, 1959 – ∞)
|
|
|
|
|
OriginalGriff wrote: Encrypted passwords are a major security risk - they should be hashed instead. Poor choice of words, they are hashed. I just wrote encrypted to note that they weren't in clear text.
It's always an amusing e-mail when clients ask to be reminded of their passwords and we come back with, here's your temporary new password, be sure to change it after you login with it. (And you know they won't)
I've had other fires to put out, so I've never gotten around to adding a password is temporary flag to the login table, although it has long been on my list of things to do, but convincing the sales office that the time should be taken has been a lost cause. They like to hit that big red panic button over every little thing. It doesn't help that the original system was developed by amateurs who barely knew what they were doing and so I find myself fixing problems that have been there since time began in an urgent manner since someone finally noticed the problem ysterday and will fixate on it until they see it changed.
It won't be an issue until some idiot leaves their temporary password in an e-mail for all to see without changing it and then of course it will be the programmer's fault that it was misused.
Psychosis at 10
Film at 11
Those who do not remember the past, are doomed to repeat it.
Those who do not remember the past, cannot build upon it.
|
|
|
|