Not that it matters but I'm just here to suggest that people not use the change email feature. Of course it is nice but there is account security to deal with, everyone should know by now the amount of people that "get hacked", being able to change both the account password and account email basically means they lose the entire account for good.
If you keep this feature though you could add a secret password to the account that you need to use to change the email, or you could use the email that was originally with the account to do so (assuming that there is no possible way for someone who doesn't own the account to find what the original email was, without being told it by the person who gets "hacked").
Third option that I see would be to make another column in the DB to store the original email in it, then if they "get hacked" you could use that as a sort of account security backup.
This is all if you really care, because if you don't care then thats fine too :D
Quote:
Originally Posted by fastswipe
What about a forget password option? It would be awesome!
|
+1, but should it set the password to a randomly generated temp password like most sites do (the al34jasdg type thing) and then email it to the accounts email or should it just email the password to the email. Not that the second one matters since this is a pserver scene, but the first provides more security for the end-user because, although rare, I've seen cases where the account and the person's email have been hacked. And since people aren't that intelligent, the first one offers protection for those who use the same password on everything in life.
Quote:
Originally Posted by Farius~
also would be good to add a system skins...
where you can change the style of the page, or that people release designs for others to use them.
|
I like the idea of this too, the thing is how to do it. I haven't done a lot of web design but from what I've seen it might not be possible to have custom designs without it being accessible to everyone at the same time (like forum skins). But this is something I have never looked into so it might be possible?
Still +1.
__________________________________________________ _________
Also would suggest adding an IP log page to the account panel, whether it be on the user panel or some extra gm side panel, unless that's part of account overview (which would be weird).
Here's one that I use: (Enjoy the release :))
<?php
include("_.php"); // Global settings php file, whatever you name it.
echo "<center>";
$login = checkIfLoggedIn($con); // Check if they are logged in to the panel (I use a function out of the php that I included above)
if($login == true)
{
echo "<br><font color=red>RESULTS ARE THE 30 MOST RECENT LOGINS.<u></u></font><br><br>";
echo "<table width='300' height='1'><tr valign='top'>";
echo "<td width='5%'><u><font color='#306EFF'>IP</font></u></td><td width='15%'><u><font color='#306EFF'>Date</font></u></td></tr><tr valign='top'>";
$logged_inq = mssql_query("SELECT TOP 30 conn_ip,login_time FROM account.dbo.USER_CONNLOG_KEY WHERE user_no LIKE '".$userno."' ORDER by conn_no DESC",$con); // $userno should be derived from elsewhere in the panel (like how I got mine from the php file imported at the top), or you should add a way to get that based on the account name currently logged in.
while($loginflag = mssql_fetch_array($logged_inq))
{
$ip = $loginflag['conn_ip'];
list(,$ip) = unpack('N',$ip);
$ip = long2ip($ip);
echo "<td width='5%'><font color = white>".$ip."</font></td>";
echo "<td width='15%'><font color = white>".$loginflag['login_time']."</font></td></tr><tr>";
}
}
else if($login == false)
{
echo "<meta http-equiv='REFRESH' content='0;url=_.php?type=loginlogs'>"; // Whatever your main php
}
echo "<a href='_.php' style='color: #00FF00'>Return to main page</a>"; // Whatever your main php page is called.
echo "</center>";
echo "</font>";
?>