+- GetSimple Support Forum (http://get-simple.info/forums)
+-- Forum: GetSimple (http://get-simple.info/forums/forumdisplay.php?fid=3)
+--- Forum: General Questions and Problems (http://get-simple.info/forums/forumdisplay.php?fid=16)
+--- Thread: Get simple BASIC (/showthread.php?tid=7125)
Get simple BASIC - wolfheart - 2015-03-05
Ho Im building an app... Its a flat file app. I need a login/user management part of it. I was thinking about using GetSimple as that part. is there a very basic part of Getsimple that can be used for this. Without anything else just the login/user management part. I would hate to have to write it myself and found this to be the best script for it.
Me piecing apart your cms is probably not the greatest thing to do... since I didnt write it. so do you have just the user managent part... thanks
RE: Get simple BASIC - shawn_a - 2015-03-05
3.3.x is not very good to use modular, a lot of hard coded procedural pieces and old pho 5.2 code.
I would not suggest it, it also has several security weaknesses.
I would ise something like phpass library instead.
RE: Get simple BASIC - revotron - 2015-03-18
So the creator of getsimple says that it isn't secure...
Well what shall I say to this?
RE: Get simple BASIC - shawn_a - 2015-03-18
how about "why did you ban me?"
you could say that....
RE: Get simple BASIC - revotron - 2015-03-18
Hah? I didn't mean to insult you? I'm just wondering why you mentioned that your CMS isn't secure. Or am i mistaken?
RE: Get simple BASIC - shawn_a - 2015-03-18
1. I am not the creator
2. Trying to reuse our security mechanism has security weaknesses compared to tried and tested security libraries.
I never said "it isn't secure"
If you want more info on these weaknesses, some have been addressed in 3.3.5, some will be addressed in 3.4.
We use non https, no session based cookie auth, that in itself should be considered a security weakness.
https://github.com/GetSimpleCMS/GetSimpleCMS/issues?q=is%3Aopen+is%3Aissue+label%3ASECURITY
specifically https://github.com/GetSimpleCMS/GetSimpleCMS/issues/880
RE: Get simple BASIC - revotron - 2015-03-19
(2015-03-18, 23:35:39)shawn_a Wrote: 1. I am not the creator
2. Trying to reuse our security mechanism has security weaknesses compared to tried and tested security libraries.
I never said "it isn't secure"
If you want more info on these weaknesses, some have been addressed in 3.3.5, some will be addressed in 3.4.
We use non https, no session based cookie auth, that in itself should be considered a security weakness.
https://github.com/GetSimpleCMS/GetSimpleCMS/issues?q=is%3Aopen+is%3Aissue+label%3ASECURITY
specifically https://github.com/GetSimpleCMS/GetSimpleCMS/issues/880
Alright, thank you very much! Always thought you are the only developer of the getsimple core. Sorry :/
RE: Get simple BASIC - shawn_a - 2015-03-19
I am atm