xcessive
Epic Poster
.[M:5000]
Posts: 526
|
Forum
Dec 6, 2010 10:10:53 GMT
Post by xcessive on Dec 6, 2010 10:10:53 GMT
...it was only a beta test release and there was no reason to be overly security conscious. Well, in that case, point taken. Collision in MD5 hash function was found more than a decade ago. There are other more secure cipher algorithms, so, it would be sensible to use them instead of MD5 in anything serious. I would go with SHA (512/384 or 256/224) in PHP as there have been no collisions found for these. The only reason I went with MD5 was because PHP defaults to it when using the crypt function.
|
|
|
Forum
Dec 6, 2010 14:53:44 GMT
Post by moneyman18 on Dec 6, 2010 14:53:44 GMT
What kind of encryption are you using on registration? I am using MD5. At the moment I am not overly concerned on the issue of which is the best to use for encryption. If I ever do anything with the forum I will probably change it though.
|
|
xcessive
Epic Poster
.[M:5000]
Posts: 526
|
Forum
Dec 7, 2010 0:44:17 GMT
Post by xcessive on Dec 7, 2010 0:44:17 GMT
What kind of encryption are you using on registration? I am using MD5. At the moment I am not overly concerned on the issue of which is the best to use for encryption. If I ever do anything with the forum I will probably change it though. Whatever you do don't go with the SHA-1 family if you're looking for good security as they are just as bad as MD5 in terms of collisions. More questions. About the back end. How are you organising your database, 3NF+? Or is it not normalized? Have you made it portable or would all forums go into the same backend? MyISAM or InnoDB?
|
|
|
Forum
Dec 8, 2010 15:40:55 GMT
Post by moneyman18 on Dec 8, 2010 15:40:55 GMT
More questions. About the back end. How are you organising your database, 3NF+? Or is it not normalized? It is probably not normalized as I don't completely understand NF. I haven't found any articles either that made it simple for me to understand. Have you made it portable or would all forums go into the same backend? If you mean having just a single standalone forum, then no. MyISAM I understand the differences between the two, but what I don't know is when to use one over another.
|
|
xcessive
Epic Poster
.[M:5000]
Posts: 526
|
Forum
Dec 9, 2010 0:54:28 GMT
Post by xcessive on Dec 9, 2010 0:54:28 GMT
More questions. About the back end. How are you organising your database, 3NF+? Or is it not normalized? It is probably not normalized as I don't completely understand NF. I haven't found any articles either that made it simple for me to understand. If you mean having just a single standalone forum, then no. MyISAM I understand the differences between the two, but what I don't know is when to use one over another. NF is basically common sense. MyISAM uses 32 bit references and data handling and thus each table only has a 4gb limit. Its also (arguably) much slower, although I think thats bull, 32 bit is almost always faster, or at least less CPU intensive. So don't host any big forums, or they will get the dreaded "Database full" error.
|
|
Jordan
Elite Poster
[M:5000]
Posts: 286
|
Forum
Dec 16, 2010 2:34:30 GMT
Post by Jordan on Dec 16, 2010 2:34:30 GMT
Damn moneyman, you've come a long way since you were posting on pbs. I'm impressed with your forum, it looks really nice.
|
|
|
Forum
Dec 22, 2010 3:18:14 GMT
Post by moneyman18 on Dec 22, 2010 3:18:14 GMT
MyISAM uses 32 bit references and data handling and thus each table only has a 4gb limit. Its also (arguably) much slower, although I think thats bull, 32 bit is almost always faster, or at least less CPU intensive. So don't host any big forums, or they will get the dreaded "Database full" error. Totally forgot about that. Damn moneyman, you've come a long way since you were posting on pbs. I'm impressed with your forum, it looks really nice. Thanks. It doesn't seem to me like Iv'e come far but with a lot of things I do or make it always seems to me as if its not good enough. meh There is a lot more I want to learn but it seems as if I haven't had much time with schoolwork but I should have a bit of time on break here. There is just so much to do and so little time to do it. Iv'e got a long list of things I would like to do before I die and I don't just want to do them, I want to do them the best that I can.
I have one question. I was about to add color UBBC tags last weekend and I want to allow the names of colors (Red, Green, Blue, ect) instead of just hex and rgb. Would I have to check that the color in the UBBC is in a defined list of colors or should I just print the color that is in the UBBC to the page and escape it as necessary?
|
|
|
Forum
Apr 2, 2011 15:26:40 GMT
Post by stevenf50 on Apr 2, 2011 15:26:40 GMT
Here is my brainstorm: -Needs a better name, prochatter is just lame. -Needs something different that others don't have.
|
|
Cam
Administrator
[M:5000]
Posts: 6,381
|
Forum
Apr 2, 2011 21:38:44 GMT
Post by Cam on Apr 2, 2011 21:38:44 GMT
Its looking really nice now!
|
|
|
Forum
Apr 3, 2011 16:43:38 GMT
Post by moneyman18 on Apr 3, 2011 16:43:38 GMT
@steven - Agreed.
I have basically abandoned this. Maybe I will get back to working on it sometime here, but seeing as I will probably never use it there really is no point to do so.
|
|
Nick
VIP
v5 Beta Tester[M:5000]
Philadelphia Eagles: 8-8
Posts: 2,239
|
Forum
Apr 3, 2011 19:53:38 GMT
Post by Nick on Apr 3, 2011 19:53:38 GMT
md5 will work very well. The only reason that I would consider switching from md5 is if I was storing credit card numbers. And all encryptions, definitely commercial ones have their vulnerabilities. I would make my own encryption tool to be the safest so nobody could find out my algorithm.
|
|
edenwax
VIP
v5 Beta Tester[M:5000]
Posts: 1,266
|
Forum
May 13, 2011 16:30:37 GMT
Post by edenwax on May 13, 2011 16:30:37 GMT
You still workin on this, Money?
|
|
|
Forum
May 13, 2011 16:51:40 GMT
Post by moneyman18 on May 13, 2011 16:51:40 GMT
You still workin on this, Money? On and off. Most of the stuff I have done though is back end stuff such as recoding the template parser but I do need to finish and create a lot more pages. I want to continue with this and at least finish what I have started before I completely move on.
|
|