Search found 63 matches

by bobtheman
Wed Feb 03, 2010 7:14 pm
Forum: [3.x] Discussion
Topic: User Security
Replies: 37
Views: 31925

Re: User Security

The memberlist is fine, I'm sure the new style will have a much improved UI but essentially the purpose will remain the same, Is there a need to change it? IS there something 10 times better it can be replaced with? Discuss what exactly you would want in the new memberlist. Email isnt much of a bad...
by bobtheman
Wed Feb 03, 2010 1:43 am
Forum: [3.x] Discussion
Topic: User contribution
Replies: 20
Views: 18205

Re: User contribution

IMO votes are useless. discuss, bring arguments and let the best argument win, not "most votes". open development != democracy. open development means the community can offer ideas, critique, arguments, code, documentation and most importantly code reviews. counting yays and nays is meaningless and...
by bobtheman
Tue Feb 02, 2010 1:16 am
Forum: [3.x] Discussion
Topic: User Security
Replies: 37
Views: 31925

Re: User Security

Getting rid of the memberlist on the grounds of security is daft, it's nothing but security through obscurity. Those accounts you'd want to brute force are likely to be listed in your replacement, administrators etc. and you can always just go harvest addresses from all over the board. As to the us...
by bobtheman
Mon Feb 01, 2010 3:21 pm
Forum: [3.x] Discussion
Topic: User Security
Replies: 37
Views: 31925

Re: User Security

I wouldn't get rid of the memberlist. If anything, make an option to disable it and/or have a separate permission setting just for the memberlist (IIRC, just one now controls profiles + memberlist). Ok but this doesnt address the usefulness of the memberlist nor the original question of user securi...
by bobtheman
Mon Feb 01, 2010 12:42 am
Forum: [3.x] Discussion
Topic: User contribution
Replies: 20
Views: 18205

Re: User contribution

RFCs are meant to give you a possibility to present your ideas and allow the community to participate. After all, they stand for Request for comments. Rather than implementing a feature due to a number of votes from a unrepresentative part of the community, features should be considered based on th...
by bobtheman
Mon Feb 01, 2010 12:18 am
Forum: [3.x] Discussion
Topic: User Security
Replies: 37
Views: 31925

Re: User Security

i have to agree, having both a login and username is'nt IMO beneficial. Instead we should look at the issue "if there is one"... The member list, what is its purpose? Should we keep it? maybe make some changes to it. maybe the member list shouldn't list all members, but instead list things like, adm...
by bobtheman
Fri Jan 29, 2010 5:01 am
Forum: [3.x][Archive] RFCs
Topic: [RFC] WYSIWYG editor
Replies: 52
Views: 77453

Re: [RFC] WYSIWYG editor

i was under the impression that wysiwyg editors like TinyMCE address's these very issues and the security built in is more than sufficient.
by bobtheman
Fri Jan 29, 2010 4:52 am
Forum: [3.x] Discussion
Topic: User contribution
Replies: 20
Views: 18205

Re: User contribution

This is what the RFC's are for. The idea is to let users "from the support forums and dev forums" to submit and vote on ideas that everyone likes and agrees upon. The ideas that stick out the most and have the highest votes should take priority for observation/development ect ect. including the sup...
by bobtheman
Tue Jan 26, 2010 5:21 am
Forum: [3.x] Discussion
Topic: User contribution
Replies: 20
Views: 18205

Re: User contribution

I like this idea, i think the zend example is a little to complex and looks jumbled though. I like wordpress's "ideas" or "suggest an idea"
http://wordpress.org/extend/ideas/
by bobtheman
Sun Jan 24, 2010 5:19 am
Forum: [3.x][Archive] RFCs
Topic: [RFC] WYSIWYG editor
Replies: 52
Views: 77453

Re: [RFC] WYSIWYG editor

Frankly, I have yet to see such a thing as a "secure HTML parser". It simply doesn't exist, which is the very nature of HTML. Even worse, it would still be bbcode, but masquerading as HTML. Consider that style classes etc have to be added to the entered HTML, url re-writing has to be done, permissi...