demexp-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Demexp-dev] Re: Two questions: account password change and PHP allow_ur

From: David MENTRE
Subject: [Demexp-dev] Re: Two questions: account password change and PHP allow_url_fopen requirement
Date: Sun, 29 Oct 2006 21:30:35 +0100
User-agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.4 (gnu/linux) 
Augustin <address@hidden> writes:

> On Monday 23 October 2006 01:58 am, David MENTRE wrote:
>> Hello Augustin,
>>
>> I have two questions related to your code and Drupal:
>>
>>  1. Is it possible for the demexp admin in Drupal to change the demexp
>>     password of a Drupal user? It happens that demexp users loose their
>>     passwords and I need to be able to give them a new one.
>
> ??? Did you code a method for that? 
> As you know, I haven't implemented any of the admin methods yet.
> If you feel it's urgent, I'll work on the admin methods as soon as the new 
> site is launched.

You did not understood my question: I was asking for a way to change the
demexp server password of a user *inside his Drupal account*. :-)

>>  2. Can Drupal and your demexp module work with allow_url_fopen
>>     disabled? It is apparently the cause of a great number of recent
>>     attacks:
>>       http://lwn.net/Articles/203086/
>>       Remote file inclusion vulnerabilities
[...]
> I am not sure if the core of Drupal needs it, but some contrib modules use it 
> (though we may not need them). 

As I said in my previous email, it is currently ON on my config. Once it
works in this setting, I'll try to disable it.

Best wishes,
d.
-- 
GPG/PGP key: A3AD7A2A David MENTRE <address@hidden>
 5996 CC46 4612 9CA4 3562  D7AC 6C67 9E96 A3AD 7A2A
reply via email to
[Prev in Thread] Current Thread [Next in Thread]