From: Pete J. <pj...@gi...> - 2012-06-29 18:32:16
|
Hi all, I'm almost done with the CRYPT_BLOWFISH password hashing upgrade: https://dev.tiki.org/CRYPT_BLOWFISH On tiki-admin.php?page=login General Preferences tab Advanced Filter Password section. I need to add a crypt-blowfish "cost" factor (TINYINT integer) option for the "Encryption method". I've done these: __In templates/admin/include_login.tpl, I added {preference name=password_hash_pass_blowfish_cost} __In tiki-setup_base.php, I added: 'password_hash_pass_blowfish_cost' => 15, Do I also need to add something to lib/prefs/min.php (it has only min_username_length and min_pass_length)? I'm confused as to how password_hash_pass_blowfish_cost would get INSERTed into the database tiki_preferences table. Any other place I need to add it or edit? Thanks! Pete |
From: Marc L. <ma...@la...> - 2012-06-29 18:53:40
|
http://dev.tiki.org/Creating+New+Preferences No need to add to db. It will get added when people set it. Looking forward to your 1st commit! On 2012-06-29 2:32 PM, "Pete Jalajas" <pj...@gi...> wrote: > Hi all, > > I'm almost done with the CRYPT_BLOWFISH password hashing upgrade: > https://dev.tiki.org/CRYPT_BLOWFISH > > On > tiki-admin.php?page=login > General Preferences tab > Advanced Filter > Password section. > I need to add a crypt-blowfish "cost" factor (TINYINT integer) option > for the "Encryption method". > > I've done these: > __In templates/admin/include_login.tpl, I added > {preference name=password_hash_pass_blowfish_cost} > __In tiki-setup_base.php, I added: > 'password_hash_pass_blowfish_cost' => 15, > > Do I also need to add something to > lib/prefs/min.php > (it has only min_username_length and min_pass_length)? > > I'm confused as to how password_hash_pass_blowfish_cost would get > INSERTed into the database tiki_preferences table. > > Any other place I need to add it or edit? > > Thanks! > Pete > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > TikiWiki-devel mailing list > Tik...@li... > https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel > |
From: Louis-Philippe H. <lph...@lp...> - 2012-06-29 20:56:36
|
In fact, you do not even need to add anything to tiki-setup_base.php. Just the preference definition is enough, and adding the control somewhere in the panel for convenience. The default value also goes in preferences. -- LP On Fri, Jun 29, 2012 at 2:53 PM, Marc Laporte <ma...@la...> wrote: > http://dev.tiki.org/Creating+New+Preferences > > No need to add to db. It will get added when people set it. > > Looking forward to your 1st commit! > On 2012-06-29 2:32 PM, "Pete Jalajas" <pj...@gi...> wrote: > >> Hi all, >> >> I'm almost done with the CRYPT_BLOWFISH password hashing upgrade: >> https://dev.tiki.org/CRYPT_BLOWFISH >> >> On >> tiki-admin.php?page=login >> General Preferences tab >> Advanced Filter >> Password section. >> I need to add a crypt-blowfish "cost" factor (TINYINT integer) option >> for the "Encryption method". >> >> I've done these: >> __In templates/admin/include_login.tpl, I added >> {preference name=password_hash_pass_blowfish_cost} >> __In tiki-setup_base.php, I added: >> 'password_hash_pass_blowfish_cost' => 15, >> >> Do I also need to add something to >> lib/prefs/min.php >> (it has only min_username_length and min_pass_length)? >> >> I'm confused as to how password_hash_pass_blowfish_cost would get >> INSERTed into the database tiki_preferences table. >> >> Any other place I need to add it or edit? >> >> Thanks! >> Pete >> >> >> ------------------------------------------------------------------------------ >> Live Security Virtual Conference >> Exclusive live event will cover all the ways today's security and >> threat landscape has changed and how IT managers can respond. Discussions >> will include endpoint security, mobile security and the latest in malware >> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >> _______________________________________________ >> TikiWiki-devel mailing list >> Tik...@li... >> https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel >> > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > TikiWiki-devel mailing list > Tik...@li... > https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel > > |
From: Pete J. <pj...@gi...> - 2012-06-29 22:26:34
|
Thanks, guys! I just finished updating it all. Please check it out at https://dev.tiki.org/CRYPT_BLOWFISH with proposed patches attached there. I'll need baby steps cookbook instructions for svn committing...never done a commit before! Thanks again! Pete On Fri, Jun 29, 2012 at 4:03 PM, Louis-Philippe Huberdeau <lph...@lp...> wrote: > In fact, you do not even need to add anything to tiki-setup_base.php. Just > the preference definition is enough, and adding the control somewhere in the > panel for convenience. The default value also goes in preferences. > > -- > LP > > > On Fri, Jun 29, 2012 at 2:53 PM, Marc Laporte <ma...@la...> wrote: >> >> http://dev.tiki.org/Creating+New+Preferences >> >> No need to add to db. It will get added when people set it. >> >> Looking forward to your 1st commit! >> >> On 2012-06-29 2:32 PM, "Pete Jalajas" <pj...@gi...> wrote: >>> >>> Hi all, >>> >>> I'm almost done with the CRYPT_BLOWFISH password hashing upgrade: >>> https://dev.tiki.org/CRYPT_BLOWFISH >>> >>> On >>> tiki-admin.php?page=login >>> General Preferences tab >>> Advanced Filter >>> Password section. >>> I need to add a crypt-blowfish "cost" factor (TINYINT integer) option >>> for the "Encryption method". >>> >>> I've done these: >>> __In templates/admin/include_login.tpl, I added >>> {preference name=password_hash_pass_blowfish_cost} >>> __In tiki-setup_base.php, I added: >>> 'password_hash_pass_blowfish_cost' => 15, >>> >>> Do I also need to add something to >>> lib/prefs/min.php >>> (it has only min_username_length and min_pass_length)? >>> >>> I'm confused as to how password_hash_pass_blowfish_cost would get >>> INSERTed into the database tiki_preferences table. >>> >>> Any other place I need to add it or edit? >>> >>> Thanks! >>> Pete >>> >>> >>> ------------------------------------------------------------------------------ >>> Live Security Virtual Conference >>> Exclusive live event will cover all the ways today's security and >>> threat landscape has changed and how IT managers can respond. Discussions >>> will include endpoint security, mobile security and the latest in malware >>> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >>> _______________________________________________ >>> TikiWiki-devel mailing list >>> Tik...@li... >>> https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel >> >> >> >> ------------------------------------------------------------------------------ >> Live Security Virtual Conference >> Exclusive live event will cover all the ways today's security and >> threat landscape has changed and how IT managers can respond. Discussions >> will include endpoint security, mobile security and the latest in malware >> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >> _______________________________________________ >> TikiWiki-devel mailing list >> Tik...@li... >> https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel >> > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > TikiWiki-devel mailing list > Tik...@li... > https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel > |
From: Marc L. <ma...@ma...> - 2012-06-29 23:04:25
|
I tried to edit the page but server is unavailable. Please see: https://dev.tiki.org/Database+Schema+Upgrade On Fri, Jun 29, 2012 at 5:55 PM, Pete Jalajas <pj...@gi...> wrote: > Thanks, guys! > I just finished updating it all. > Please check it out at > https://dev.tiki.org/CRYPT_BLOWFISH > with proposed patches attached there. > > I'll need baby steps cookbook instructions for svn committing...never > done a commit before! > > Thanks again! > Pete > > On Fri, Jun 29, 2012 at 4:03 PM, Louis-Philippe Huberdeau > <lph...@lp...> wrote: >> In fact, you do not even need to add anything to tiki-setup_base.php. Just >> the preference definition is enough, and adding the control somewhere in the >> panel for convenience. The default value also goes in preferences. >> >> -- >> LP >> >> >> On Fri, Jun 29, 2012 at 2:53 PM, Marc Laporte <ma...@la...> wrote: >>> >>> http://dev.tiki.org/Creating+New+Preferences >>> >>> No need to add to db. It will get added when people set it. >>> >>> Looking forward to your 1st commit! >>> >>> On 2012-06-29 2:32 PM, "Pete Jalajas" <pj...@gi...> wrote: >>>> >>>> Hi all, >>>> >>>> I'm almost done with the CRYPT_BLOWFISH password hashing upgrade: >>>> https://dev.tiki.org/CRYPT_BLOWFISH >>>> >>>> On >>>> tiki-admin.php?page=login >>>> General Preferences tab >>>> Advanced Filter >>>> Password section. >>>> I need to add a crypt-blowfish "cost" factor (TINYINT integer) option >>>> for the "Encryption method". >>>> >>>> I've done these: >>>> __In templates/admin/include_login.tpl, I added >>>> {preference name=password_hash_pass_blowfish_cost} >>>> __In tiki-setup_base.php, I added: >>>> 'password_hash_pass_blowfish_cost' => 15, >>>> >>>> Do I also need to add something to >>>> lib/prefs/min.php >>>> (it has only min_username_length and min_pass_length)? >>>> >>>> I'm confused as to how password_hash_pass_blowfish_cost would get >>>> INSERTed into the database tiki_preferences table. >>>> >>>> Any other place I need to add it or edit? >>>> >>>> Thanks! >>>> Pete >>>> >>>> >>>> ------------------------------------------------------------------------------ >>>> Live Security Virtual Conference >>>> Exclusive live event will cover all the ways today's security and >>>> threat landscape has changed and how IT managers can respond. Discussions >>>> will include endpoint security, mobile security and the latest in malware >>>> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >>>> _______________________________________________ >>>> TikiWiki-devel mailing list >>>> Tik...@li... >>>> https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel >>> >>> >>> >>> ------------------------------------------------------------------------------ >>> Live Security Virtual Conference >>> Exclusive live event will cover all the ways today's security and >>> threat landscape has changed and how IT managers can respond. Discussions >>> will include endpoint security, mobile security and the latest in malware >>> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >>> _______________________________________________ >>> TikiWiki-devel mailing list >>> Tik...@li... >>> https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel >>> >> >> >> ------------------------------------------------------------------------------ >> Live Security Virtual Conference >> Exclusive live event will cover all the ways today's security and >> threat landscape has changed and how IT managers can respond. Discussions >> will include endpoint security, mobile security and the latest in malware >> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >> _______________________________________________ >> TikiWiki-devel mailing list >> Tik...@li... >> https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel >> > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > TikiWiki-devel mailing list > Tik...@li... > https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel -- Marc Laporte http://MarcLaporte.com http://Tiki.org/MarcLaporte http://AvanTech.net |