in reply to Re: proxy resource access. (spoof)
in thread proxy resource access.

/me runs off to set up home node buttons....

Actually that exploit wouldn't work. Since all new messages by a user are created with folder=-1 they wouldnt be recognized as valid. The user would have to go to the their deleted message folder, and undelete it.

Please don't overload "/msg" with this purpose. It be better stored in a user's settings and the code that sets it should be more paranoid than the rest of our code,

Hmm, ok if you feel thats really necessary.

---
$world=~s/war/peace/g

Replies are listed 'Best First'.
Re^3: proxy resource access. (spoof)
by tye (Sage) on Mar 30, 2006 at 07:48 UTC

    Ah, I missed that quirk of your proposal. But it would be nice if people could choose to have their sent messages default to not deleted because they prefer to keep a record of them.

    Hmm, ok if you feel thats really necessary.

    Yes, what is vital in technical decisions is an assessment of tye's emotions.

    So you'd rather have the DB go pawing through all messages sent from X to Y searching for one of the right format? You are going to add infrastructure to make it easy to put this information in a place already defined to have a quite different purpose for what reason? Wouldn't infrastructure to set a user setting be better in so many ways? Private messages should act like private messages, which leads to conflicts if you try to use them for permission granting.

    - tye        

[reply]

      Ah, I missed that quirk of your proposal. But it would be nice if people could choose to have their sent messages default to not deleted because they prefer to keep a record of them.

      Yes it would. And while I was on the "use the message system" track I was thinking we would create a special folder number that permissions checks would use. So the query actually wouldnt be X to Y, but X to Y in folder=N. And all of that is indexed anyway.

      Yes, what is vital in technical decisions is an assessment of tye's emotions.

      Now now, dont be testy. I didnt use "feel" in the sense of your emotions. You can safely s/feel/think/ or s/feel/believe/ and the intended sense of my statement should remain the same. :-)

      You are going to add infrastructure to make it easy to put this information in a place already defined to have a quite different purpose for what reason?

      Mostly code/infrastructure reuse. Using the message system IMO would be a minor change. But I'm also ok with doing it an alternate way as you suggested.

      BTW, part of the reason I find the idea of using the message system in this way attractive is because its already a place where we have a level of shared data between two users. So to me it makes a certain sense to use it where shared data comes up. But as I already said, if in your assesment it would be better done other ways then I'm ok with that.

      ---
      $world=~s/war/peace/g

[reply]

In Section Inner Scriptorium