Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
 Back  |  Find  |  Login  |  Help 
icon4.gif   elog submit without user and password, posted by H. Scheit on Mon Jul 8 19:42:13 2002 
    icon2.gif   Re: elog submit without user and password, posted by Stefan Ritt on Tue Jul 9 10:58:18 2002 
       icon2.gif   Re: elog submit without user and password, posted by H. Scheit on Tue Jul 9 15:28:33 2002 
          icon2.gif   Re: elog submit without user and password, posted by Stefan Ritt on Wed Jul 10 08:53:21 2002 
Message ID: 65     Entry time: Wed Jul 10 08:53:21 2002     In reply to: 64
Icon: Reply  Author: Stefan Ritt  Author Email: stefan.ritt@psi.ch 
Category: Comment  OS:   ELOG Version:  
Subject: Re: elog submit without user and password  
> I guess it cannot and doesn't have to be 100% save.  Maybe if the web
> interface is used for a new message a long random number (let's call
> it newID) can be included, which elog remembers for some time (say 1
> day).  Now elogd accepts a new message only if 
> 
>   1) the cookies is there and valid or
>   2) if the cookies are NOT THERE, but the newID matches one of the
>        stored ones.     
> 
> The new message is rejected if the cookies are there, but are wrong.

Ok that sounds a good idea to me, I will work on that.

> Can one delete or edit messages with elog?  If yes then this should not be
> possible.

No this is not possible.
ELOG V3.1.5-fe60aaf