*HCS* ContactDB: review, modify, add

Noam Zeilberger zeilberg at hcs.harvard.edu
Thu May 18 23:06:06 EDT 2000


So, the ContactDB project was initiated and largely completed today.  It
allows groups to add, delete, browse, and send mail to contacts.  It can
be tested at hcs/~zeilberg/cdb/cdb.php with administrative password
"superpass" and normal member password "clubpass".  The code (about 9K of
PHP) is available at hcs/~zeilberg/cdb.tar.  If you have time, please take
a look at it (no documentation...as all code should be;).  Since none of
us really knew php well (I think), the code may not be all that canonical,
but try to see if it works...especially the access granting part.  Club
members authenticate themselves with either the administrative or the
normal password (hmm...I just realized these can't be the same with the
current setup...disregard that for now...).  This password is passed
around by POST and checked before each request.  We think this is secure
(except for sniffability, of course), but maybe there's some way to pass
in variables that subverts it (dmolnar, you listening:?).

Another thing to consider: we didn't implement a search command because we
figured no one would keep a list long enough for this to be useful.
Anyone disagree?

Any other features (bugs?) you'd like to see?

If anyone wants to prettify (or customiably prettyify) this, please do so.

ok...maybe I'll start studying for that final tomorrow...

Noam

p.s. please cc your comments/suggestions/changes to bobby at hcs, who did a
lot of this and (I don't think) is on hcs-discuss.




More information about the hcs-discuss mailing list