Hi all, . <snip> >> There is also applications::d2name , categories::d2name and >> interserver::d2name. >> I think it risky to rename the calls to only accounts::id2name - I >> think it would be better to keep the "old" accounts::id2name - and >> rather implement the new accounts::id2name as accounts::id2full_name >> or something. > > It hasn't been renamed. The old method accounts::id2name now returns > the user's fullname, and doesn't reveal the user's login id, which is > good security imho. If you already have the login id then you have 1 > half of the puzzle for cracking an account. Some organizations have > policies on login ids others don't, which will also impact on benefit of > this change. > > applications::d2name , categories::d2name and interserver::id2name are > uneffected by this change, as they return the relevant string for the > data type and it has no security implications. > > The change in the string returned by accounts::id2name has been in HEAD > for months. The new accounts::id2lid is only for those cases where > internally we need the login id, which is very rare. As > accounts::id2name is used a lot for presenting username information in > the GUI, it is safest to change the functionality. Where there is a > need to for the login id, use accounts::id2lid, which can be changed > manually on a case by case basis.
It looks ok to me. AFAIU, there's no relationship between accounts and categories or applications or interserver ? right ? so returning the real full name in id2name for account, doesn't disturb anything ? Or did I miss your point Sigurd ? Cheers, Caeies. _______________________________________________ Phpgroupware-developers mailing list [email protected] http://lists.gnu.org/mailman/listinfo/phpgroupware-developers
