William Roadcap - 2015-12-22

I am no longer actively maintaining this. That is to say, I may some day
return to it and incorporate such changes as you and others mention. It
was quickly cobbled together to scratch an itch at the time but is longer
something I need in my work.

On Tue, Dec 22, 2015, 8:59 AM James Hawkins cyberlink@users.sf.net wrote:

Status: open
Group: Next Release
Created: Tue Dec 22, 2015 01:59 PM UTC by James Hawkins
Last Updated: Tue Dec 22, 2015 01:59 PM UTC
Owner: nobody

1) You should not use MD5 hashes as they are not secure. Please change it
to a minimum of sha1
2) It would be nice if the authentication was seperated out into a
function that would allow me to easily change it. htaccess is not exactly
secure and I have a much better auth mech.
2.1) When you create the auth fuinctions I would use sessinons to store
data for authed users.
3) It should be updated to use the openssl lib for php. I am not sure it
is wise to take user data and call shell commands from it. Even escaped
there are a lot of things that can make it through.

If you are nolonger maintaining this please let me know. I could do most
of this and more than likley will on the copy I downloaded.

Sent from sourceforge.net because you indicated interest in
https://sourceforge.net/p/phpki/feature-requests/11/

To unsubscribe from further messages, please visit
https://sourceforge.net/auth/subscriptions/

 

Related

Feature Requests: #11