Blog / General / This month is a constant headache
…so please be patient guys if I can’t be quick answering your questions…
I’m err… almost… done with my exams.
It’s been a long month and it’s still not finished, d’uh!
On Wednesday there’s another test, and hopefully the next week there should be the last one (if all went well for the written part… I’m a bit worried)
Blog / General / News / Hush! thesist here
On Monday I’ve committed the hash thingie; it seems to be working nicely.
Also, I’m almost officially a thesist, and, can you guess? The thesis will involve FlatPress.
We have to still define the details but it will probably involve rethinking and rewriting the indexing system (which is still quite crappy), and maybe multiuser support, so you’ll fianlly stop asking when it will be there :P
Supporting more than one user, despite what you might think, is anything but a trivial task, and not because I’ll have to handle registrations for users, but because of the usual concurrency problems, which at the moment aren’t critical.
So it might end that those damn Petrinets will come in handy after all.
Now I’ve only to pass this 3 exams.
Please be nice to me, I’m very busy :P
Blog / General / “Hashes to hashes” :D
Connected with the new hashing algorithm in SVN I had some problems upgrading my own personal blog www.nowhereland.it, so I had an idea (not yet implemented but it will be soon) which should avoid it.
Salt for the hash is now calculated using a combination of some constants, which are (IIRC :D) the blog url, and the absolute path on the server.
The major problem with this algorithm is that if you’ll ever have to move from a server to another you will have to re-create your user.
Moreover yesterday I discovered something can vary also in other situations, I’ll have to investigate.
So here’s the hack: the salt will be generated once and the stored in a file which will be in your fp-content/config/ (hashsalt.conf.php)
The file won’t be word-readable as the other conf files aren’t (it’s php, so if you call it it won’t be printed but executed, and the execution doesn’t generate any output), and will contain the string which will be the salt to encode passwords.
Moreover you’ll be able to edit this salt by hand for additional strength :)
Aside: on Monday I’ll be talking to one of my professor, and see if FlatPress can be object of my thesis :)