(28 Jul 11, 06:54PM)Luc@s Wrote:(28 Jul 11, 06:35PM)castiel Wrote: "Published"? you can't be serious. First lets say the chance of somebody looking at the source, literally 0.1st you did catch my password and it's enough.
Then lets say they happen to realise what the random bit of commented out 'jibberish' is, literally 0.
Also even is the risk is low, i don't think sending these informations to all clients is a good idea. A robot could have cached a few pages of my site during this period for example. It is obviously a security issue. You can't negate that.
Yes I did catch the password, but I was the only person in the WHOLE WORLD who knew what it was and why it was there. There WAS a "risk" BUT you changed the password thus nullifying the chance of ANYTHING happening.
(28 Jul 11, 06:54PM)Luc@s Wrote:(28 Jul 11, 06:35PM)castiel Wrote: I was modifying the source because you left and they came and asked me? Why didn't they just email you?"They" are a bit responsible because "they" shared daylixx's password. But you could have used other methods to help them. Don't try to evade the problem please.
Evade the problem? I am the one who ignored emails, ims? If they are also responsible where is the punishment? You seem to be going out of your way to simply give me a miserable time.
(28 Jul 11, 06:54PM)Luc@s Wrote:(28 Jul 11, 06:35PM)castiel Wrote: What serious problem? If you've had any intrusions because of it please list them, because other than a minor incontinent task of you having to change your password. So no actual problems were caused.You got my password. It is actually a problem. And some informations have been published for a few minutes on my server. It is a problem.
Something that was easily fixed. As of right now you have no problems and no issues.
(28 Jul 11, 06:54PM)Luc@s Wrote:(28 Jul 11, 06:35PM)castiel Wrote: Stay away for security reasons? All I wanted to do was participate...then just participate and don't bring security issues
There would be no issues if I had not been asked, I did not bring this on myself.
(28 Jul 11, 06:54PM)Luc@s Wrote:(28 Jul 11, 06:35PM)castiel Wrote: I never even spoke to daylixx, I talked to harrek and gave him all he asked...so what
(28 Jul 11, 06:35PM)castiel Wrote: ? They couldn't see the unapproved users from the admin panel of the site, which is why I looked at the database to check it. I told them how I "thought" you had been approving teams and how they should add them.Just by looking at 1 file you would have known what they had to do. And you have modified this file so you should have known.
1 file? It was messy as hell, thus why in the first place I suggested you use a framework or at least follow some sort of design pattern(this is besides the point).
I did not see from "1 file" what they had to do, so I looked at the database and told them what they wanted.
(28 Jul 11, 06:54PM)Luc@s Wrote:(28 Jul 11, 06:35PM)castiel Wrote: So all in all they should have emailed you instead of contacting me. I have been totally screwed over for trying to help out.Yes they should have emailed me, but they didn't guess you would do such a mistake.
So you admit it is essentially their fault?
Whatever way you try to spin it. I was simply trying help and do what they asked me to do.
You can go on about "security issues" all day. But at the end of it all, I tried to help out(when I shouldn't have been asked) and accidentally did something you seem to deem [b]unforgivable[b](for what reason I cannot fathom). I have apologised and you and I both know that there is no longer a security risk, yet you still hell bent on giving me a hard time over it.