something is fishy about this from TI-Calc...they're gonna pull of plan B maybe next month, and from here, its all downhill.
Oh, BTW, I got the Voyager 300. Its in the box right now, because I am collecting money from people who made bets with me in school believing that I wouldnt buy it. Already made $40 so far!

"Werewolves were the only species to survive...Humans? Just a lame excuse for god's perfect creation!"

"For us to become werewolves, we must think like the mighty werewolf."
AWoooHHOoooHOoooHooo

Werewolf.com

LoL. ;=)

I'd bay a lot to get your handle...

Even though it's misspelled?

Are you sure? Because it's "Voyage" not "Voyager" and it is also "200" not "300."

It's just like the Rolexx I got for $20.

How exactly did you get a Voyager already?

they deleted my 'mock-up' joke. Hmm. Interesting...

Hey TICalc, what's with all the rampant deletion that has been going on lately? You guys never did this before, or at least not this often.

Heh... they delete the comments about his puzzlingly bad English.

Hey, look at my reply above this one. At one time there was a reply to it, but it seem to have "mysteriously" dissapeared.

You're in or you're out.

I haven't received one of these emails yet, and I didn't see a place to trigger one, so it might already do this, but just in case, I figured I would mention this idea. As the news article states, a code is sent in the email, and it must be pasted into a form on the website. Would it not make sense to have a complete URL complete with the code in the email, or to have replies sent to the email processed by a script automatically? I would guess that it already does this, and the mentioned code pasting is just a good last resort, but either of the above mentioned common ideas would make things easier for everyone. I mean, how hard is it to process a form via GET instead of POST, anyway? :)

With PHP, there isn't even a difference...

With CGI, it's actually easier--you don't have to read STDIN and then split it up, you just read the part of the address behind the "?" (I forget the actual code used though--I haven't used CGI lately).

.../verify.cgi?code= 803469865982364-8807328-
456908625635- 215-21265-2365-6 etc

#! /usr/bin/perl
$code = params('code');

Yes, there is a difference! And if you aren't writing your scripts to take advantage of it, then you are seriously misusing the language, and inviting a world of security holes into your scripts.

Using EGCPS as global variables is unfortunately a very common mistake made by programmers new to PHP. You will find a lot of scripts available that are written like this, and as such, you should not use them. I strongly suggest that anyone writing PHP turn the register_globals configuration variable off. Doing so makes your scripts a lot cleaner, and more secure.

The problem with using those variables as global is that you then cannot tell what is what, and have to assume that any variable that exists could have been set by the user. For example, you might set a variable to be true if the user is authenticated, and check it later. If you allow globals to be registered, then the user can pass a GET or POST variable with that name.

Processing a form via GET rather than POST is not harder, no.

However, since there is a password involved, you should never *EVER* use GET for the form, since the password will appear in the URL (and thus in all logs - both on the server and on any proxy or whatever that's on the path from client to server - as well as in the history file on the local machine).

Processing responses to an email is a lot more difficult than it seems. Since there are hundreds of different formats of auto-responding out there - some broken mail servers would bounce the entire mail back with just a single line added when the user does not exist, for example.

That said, I have now put the code into the URL that is sent out in the email, which will pre-fill the field in the form. It's not completely automatic, but at least it gets you away from cut-and-paste of the code.

Yes, I agree completely. Passwords should never be used via GET, and preferably, by POST, when it is not secured by SSL.

I figured that the email would contain a one time throw away code, which would be sufficient for validating if an account received the email.

You're right about processing the email. I'd forgetten about all that. That's probably why I always use URL's with throw away codes :)

Ummm, the e-mail address that I used for Author and to register is no longer valid. Will my account be deleted? I'd prefer a different username anyway, but I'd have to re-upload my files and I actually don't have the nice .zips on my computer. Is there someone that I can contact?

You could try reading the previous posts...

Tijl Coosemans
My author email address is outdated too. Who should I contact to have it changed?
27 January 2002, 13:04 GMT

Re: General question
Magnus Hagander
Please contact filearchive@ticalc.org.

I find it interesting that even though the upload queue is labelled as 'heavy', only 3 files have been approved in two weeks.

Ditto. Maybe those three files are the only ones that don't require further checking. ;)

Someone probably uploaded 10 GB of porno images in .89e format... heh.

I'm surprised they haven't deleted my porno comment yet...

I think ticalc's scripts or something are messed up -- I've gotten 102 downloads so far this week (I usually get around 30-40 if I'm lucky). And programs of mine that usually get around 1-2 downloads a week have gotten around 10 so far. Something's wrong (but, hey, I'm not complaining.)