Show who is on your forum?? - Posted (5817 Views)
carpcatcher
Starting Member
carpcatcher
Posts: 4
4
Hi, I'm new here and don't know much about ASP-forums
Is there in version 3.4.0.5 a possibillity to show other members where the members are(in a forum) or who is online at the present time???
Thnx

Rob<
 Sort direction, for dates DESC means newest first  
 Page size 
Posted
wii
Free ASP Hosts Moderator
wii
Posts: 2632
2632
Sponsored by Search:

http://forum.snitz.com/forum/topic.asp?TOPIC_ID=56945&SearchTerms=active,users<
Posted
carpcatcher
Starting Member
carpcatcher
Posts: 4
4
Thnx...done it with sweat in my hands, first time it didn't work, second time it did(made a backupsmile)

next Question....bigsmile...Where can i configure the option needed for passwordretrieval when a user forgot it (can't find it anywhere!!!!!sad)

Thnx

Rob

P.S. my english isn't that good that i can find everything myself<
Posted
PeeWee.Inc
Senior Member
PeeWee.Inc
Posts: 1893
1893
You cant find out what a users password is, ever.<
De Priofundus Calmo Ad Te Damine
Posted
wii
Free ASP Hosts Moderator
wii
Posts: 2632
2632
If you enable the email settings, you will see a link at the top called "forgot password?".<
Posted
AnonJr
Forum Moderator
AnonJr
Posts: 5768
5768
What do you do on an intranet where not all the users have a network login - thus no NT Authentication - nor do they have any e-mail - making the above not possible?
<
Posted
MarcelG
Retired Support Moderator
MarcelG
Posts: 2625
2625
In that case you should panic... wink
No, seriously. The password can NOT be retrieved. It's encrypted, and stored in the db with an algorithm (Secure Hash Algorithm 256) which is a so called one-way encryption algorithm. E.g. the same input provides the same output, but the output cannot be used to reconstruct the input. Check WikiPedia for more info on that algorithm.
Regarding your question ; if your users do not have a network login, how are they using the computers ? Are they using no login at all ? Just 'guests' ? If they're not using any secure login on your network/PC's, why should they be using a password on the forum then ? Just set them all to "welcome" and your done.... It seems a bit strange to me to let users on your network and intranet without any form of identity management, and expect the forum to work around that issue, but that's just me.
Look, security is as strong as its weakest part, and with NO security on the PC's used (e.g. open access to the PC's, with no network login), the cookies used by the forum are accessible to anyone with physical access to those PC's. Access to the cookie means access to the forum...simple as that. So, if that's the current state of the environment on your network, why bother with any form of security.<
portfolio - linkshrinker - oxle - twitter
Last edited by MarcelG on 23 July 2005, 18:45
Posted
AnonJr
Forum Moderator
AnonJr
Posts: 5768
5768
It is a little silly, but that is how our IS department set it up...

As a departamental programmer, I've not been held with the highest reguard by some of thos in IS. I can't even get a copy of Visual Studios to do some of the programming I am asked to do.. dissapprove ..I'm considered a "security risk" by the security guy in IS. The real kicker is that during a long and drawn out series of meetings, my supervisor and I were basically told that if I was in IS, I would have them - since I'm not, I'm a security risk.
Enough ranting on that...
Some of the departments have a generic login as they only use the system for the online tests. Thus it wouldn't be appropriate to tie those people to one name.
<
 
You Must enter a message