On Sep 19, 2006, at 2:54 AM, Christian Boos wrote:
>
> Noah Kantrowitz wrote:
>> The argument for registration is to allow repeat reporters and
>> commenters to only have to prove their humanity once.
>>
>
> Ah, maybe this could be stored in the session, e.g. after a human test
> validation succeeds, some kind of easy to verify hash gets written in
> the session, like:
>
> data = [sid, self.human_check_seed, time.localtime(time.time())[:3]]
> req.session['human'] = md5.md5(':'.join(data)).hexdigest()
>
> sid is the session id, self.human_check_seed is some data from the
> trac.ini,
> and the time thing is to have it change every day, the suggested
> periodicity.
Even with this in place, it would probably be wise to keep some kind
of running karma score for each user, to prevent someone from
registering one account and then passing it to 500 spam zombies.
--Noah
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Trac
Development" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/trac-dev
-~----------~----~----~----~------~----~------~--~---
