This forum is in permanent archive mode. Our new active community can be found here.

IDShare

13»

Comments

  • AprecheApreche
    Do you have an option for user defined fields, or just one big comment field, on people's profiles? It's not perfect, but it's a decent enough stop-gap measure.
    No such option.
    I looked, and there are plugins that add them, but none tested/approved by Vanilla :/
    I just tested a few of them on a local copy of the forum. The only one that is actively maintained, works, and does what we want is MyProfile. However, this requires ME to specify all the fields. If you guys suddenly decide you want to share usernames for some new MMO, then I have to go and manually add a field for that. That is no good. The point of IDShare was that you could make your own fields.

  • Not nineNot nine
    Because people are unable to put "Google+: I AM A HUUUGE NERD" into the text field, regardless of field name.
  • OmnutiaOmnutia
    Can the ability to assign additional fields be added as a specific privilege? A couple of people on care-taker duty and a thread for requests would work in that case.
  • AprecheApreche
    Can the ability to assign additional fields be added as a specific privilege? A couple of people on care-taker duty and a thread for requests would work in that case.
    No. It's a text file on the server.
  • AriaAria
    Put the text file somewhere public like gdocs and sync it every so often? Filter out non letters and numbers for security if needed.
  • AprecheApreche
    Put the text file somewhere public like gdocs and sync it every so often? Filter out non letters and numbers for security if needed.
    You're getting somewhere, not a bad idea. Thing is, no matter what I will have to check it by hand, and if it hasn't updated in awhile people will have an excuse to make a thread. It creates work for me to do no matter what. The only solution I like is one where I set it up, and it just works forever. I am not good at doing routine maintenance, because I forget. I work best by setting up something big with all sorts of automated maintenance mechanisms in place.
  • AriaAria
    That can be automated. Google Docs does scripts. Just have it save as a .txt file, then put something on the server (Do you have a dedicated server? If not it's still possible with Php) that grabs it. Set both scripts to run hourly or something, no one will complain
  • AprecheApreche
    That can be automated. Google Docs does scripts. Just have it save as a .txt file, then put something on the server (Do you have a dedicated server? If not it's still possible with Php) that grabs it. Set both scripts to run hourly or something, no one will complain
    And then someone puts something malicious in the Google Doc and it automatically is put on my server. Genius!

    I have to look at it. The only changes to the server that are permissable are ones that pass through software by an authenticated user, and are put in a safe and harmless place, like the database for this forum.
  • AriaAria
    Could someone really do anything dangerous with only letters and numbers, and only being able to write to the part that says what fields show up in a table? I mean, I haven't looked at any of it, so I wouldn't know, but it seems like a pretty low risk to me.
  • AprecheApreche
    edited May 2012
    Could someone really do anything dangerous with only letters and numbers, and only being able to write to the part that says what fields show up in a table? I mean, I haven't looked at any of it, so I wouldn't know, but it seems like a pretty low risk to me.
    That particular plugin uses a file in yaml format. It is then executing SQL based on that yaml. That's a potential avenue for an injection attack. Let's assume the best case scenario. If the file is malformatted then the app, or even the entire forum, might server error out.

    You know how I always talk about how my computers always work? It's because of things like this. I will not take any risk whatsoever for the sake of convenience. Most people do the opposite, and they get burned.
    Post edited by Apreche on
  • AriaAria
    Alright, alright, put the Google Docs in your rss reader. Stuff will get added often for a week, and then like once a month. Do a diff (or the built in gdocs thing) and just skim it manually. You won't forget, and it'll only be a bother the first like, one day.
  • AprecheApreche
    Alright, alright, put the Google Docs in your rss reader. Stuff will get added often for a week, and then like once a month. Do a diff (or the built in gdocs thing) and just skim it manually. You won't forget, and it'll only be a bother the first like, one day.
    Again, that's work for me to do. I could even avoid the google docs entirely and just use Git. But still, that is work.

    The right answer is to have a system like IDShare that just works.
  • NeitoNeito
    I think the problem is that if it's distributed among many forums, it's useless to most people. If it's centralized, it's just flavors.me or about.me.
  • AprecheApreche
    I baleeted idshare. That means I can save money by removing a server. I exported the data to a Google Doc for you.

    https://docs.google.com/spreadsheet/ccc?key=0Amh4XYkHbJgfdEZqQjdWTTFsX01rNFhBMmcya1Z1T0E

    There is still no excuse to make "everyone share your ID" threads. Here is why.

    1) Systems like Steam have groups. You can just join the GeekNights steam group.
    2) IDShare was barely used. Nobody has made such a thread here in many moons. The world did not end.
Sign In or Register to comment.