[phoenix-dev] Eclipse website login

Team,

I've implemented a number of changes to eclipse.org-common that are awaiting some peer review. I have simply added new functions to app.class.php, and I added two new classes, so this change is fairly low-risk in that it won't (shouldn't) break any existing code.

Here's what's new:

1. Support for Bugzilla authentication
session.class.php was created to allow users to authenticate to our website.  I will design the actual login page, but this will allow any Phoenix page to "consume" the login session, and determine if the current user is logged in (or not), extract their name, and eventually their committer status, etc.

2. Support for parameter sanitizing SQL
I added $App->sqlSanitize($_value, $_dbh) which will return a sanitized value.  We must start ensuring our incoming parameters are sanitized before going to the database, even if we're only issuing SELECT statements against a read-only database.

3. Support for Event Logs
Currently only used for the purpose of tracking logins, but it could be for other purposes where an event needs to be logged.

The latest patch at https://bugs.eclipse.org/bugs/show_bug.cgi?id=209557 is what I would like to commit to the live site.  Please review this patch and +1 it if you feel it is safe to commit.

Thanks,

Denis

-- 
Denis Roy
Manager, IT Infrastructure
Eclipse Foundation, Inc.  --  http://www.eclipse.org/
Office: 613.224.9461 x224 (Eastern time)
Cell: 819.210.6481
denis.roy@xxxxxxxxxxx
