Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

#62 Add a friend

open
nobody
Interface (24)
7
2012-06-08
2010-02-18
Andrea Bodrati
No

When there are no contacts on the roster instead of current (long) text it would be better to show a shorter one as the one in "Add a contact".

At the same time change the last line (in both forms) from :
"You can find new friends on - Jabbin service" to "Invite new friends" (link to: http://www.jabbin.com/life/invite\) and "Find friends on Jabbin" (link to be defined)

Discussion

  • Andrea Bodrati
    Andrea Bodrati
    2010-02-19

    To call www.jabbin.com/life/invite page we need to send (POST) : username,password,secret hash, and "from_im" variables.

     
  • Ivan Čukić
    Ivan Čukić
    2010-03-01

    where to get - "secret hash" and "from_im"?

     
  • Andrea Bodrati
    Andrea Bodrati
    2010-03-01

    You can choose a secret hash to use for authentication (please give it to Mahbub) while from_im is a flag so it just has to be set to 1.

     
  • Ivan Čukić
    Ivan Čukić
    2010-03-01

    Ok, but having a /secret hash/ that is publicly transmitted via http is not a really good idea - it will no longer be a secret.

    Should it depend on something - username or password or something?

     
  • Andrea Bodrati
    Andrea Bodrati
    2010-03-01

    Yes you are right! I think that the best way would encrypt username and password using an algorythm.

     
  • Ivan Čukić
    Ivan Čukić
    2010-03-01

    The problem with encryption is that the only safe way to do encrypted communication is by doing a two-key encryption (private/public) for which we don't have an infrastructure.

    Would the following be possible:
    - jabbin sends to the desired page
    - on the page, the login is shown and when the user logs in he/she is taken to the desired page.

    That is - if the user is not logged in the browser, it redirects to http://www.jabbin.com/life/login - after the user is logged in, it doesn't redirect to http://www.jabbin.com/life/ but to the page the user originally intended to visit.

    This, with a possibility of adding a https access to jabbin.com would be sufficiently safe.

    (before I went for non-sql-databases, I wanted to focus my PhD studies on cryptography... so I'm a bit of a fanatic :) )

     
  • Andrea Bodrati
    Andrea Bodrati
    2010-07-11

    • assigned_to: nobody --> ivan-cukic
     
  • Ivan Čukić
    Ivan Čukić
    2012-06-08

    • assigned_to: ivan-cukic --> nobody