PDA

View Full Version : No more fear


akickku
02-15-2005, 07:28 AM
After several months of developers whining to the HT's in the chpp conference, they released this notice today. Basically, everyone will have two passwords for their club. Your main password, and a secondary password that you can give out that won't allow anything to change to your club, posted by HT-Jonas:

We have decided to implement a "readonly"-password, to be used by CHPP. The reason for this is twofold:
- We don't risk that a CHPP that have gone havoc collects real passwords and uses them to destroy teams.
- The users will more readily use CHPP-apps since the security problems are avoided.

The change will be employed in several steps.

Information given to CHPP (this text).
...
defaulthelp.asp updated with new info.
...
New input-field added to login-procedure, "readonlypassword".
When logging in with readonlypassword, the session will be deemed as ReadOnly
Only actions deemed secure by HT will be accessible in ReadOnly-sessions. This of course includes XMLs available today.
...
Users will be able to set ReadOnly-passwords
Users will be briefed about the purpose with ReadOnly-passwords
CHPP-devs rolls out new versions, using "readonlypassword" instead of "password"
...
It will no longer be possible to login with logintype="CHPP" and "password" (the current combo)

... denotes lapses in time.

daedalus
02-15-2005, 08:11 AM
Awesome.

PilotMan
02-15-2005, 09:05 AM
I have no idea what any of that means. Except that you can log in and read a teams info, but don't have access to its options. How that affects CHPP poducts is beyond me.

Mr. Wednesday
02-15-2005, 09:15 AM
I don't recall much whining about this stuff in the CHPP folder, but maybe I haven't been reading the right threads.

FrogMan
02-15-2005, 09:18 AM
I have no idea what any of that means. Except that you can log in and read a teams info, but don't have access to its options. How that affects CHPP poducts is beyond me.
sometimes, a site will ask you to put in your team password, say a site like Hattrix. If the owner/developper of Hattrix goes crazy, or gets mad at HT for whatever reason, he could snif your password and start doing crazy stuff to teams. At least that's what I understood...

FM

Alf
02-15-2005, 09:43 AM
What FM said.

Alf
02-15-2005, 09:44 AM
by the way akickku, what app are you developping (for you to have this info, you need to be CHPP approved) ? I am curious as we have a bunch of CHPP approved guys onboard here :)

sterlingice
02-15-2005, 12:06 PM
I think this is a good idea, long overdue.

Si

akickku
02-15-2005, 01:16 PM
I'm developing a comprehensive stat site for the entire USA. For instance as of completion of week 2 matches in season 25, their have been 564984 league matches played in the USA. I hope to do full scale rankings for win percentage, most goals scored, least goals givne up, hatstat ratings, and such. A lot like hatstats but a with a national ranking twist to it. I plan on making tables that show which teams average the most goals per game, the least, etc. My scanner is currently plugging away threw season 17 data, only around 100,000 matches in my database so far. If anyone has any ideas for what they want to see as far as stats go feel free to ask away.

I'm kinda developing a national ranking system. I'm thinking on using a combination of ht cup rank, hatstat rating, a comparision between when a user joined hattrick and their current cup rank, and overall win percentage in league games to try and rank users in one ugly rank. Imagine the bcs, but just with the computers. Looking back at the early season data, its fun seeing Wizards and Cyclones pull 70 ratings :-)

Alf
02-16-2005, 03:09 AM
That's cool ! AS forme, well, it is in my sig.