michael-e
michael-e
Oh, I would love to tell him that on the phone, proudly presenting my new website. :-)
Numbers 1 and 2 sound very good to me. I often experienced MySQL being slow especially with `OR` queries. Number 3 is unclear to me, are you sure that you...
@jensscherbl > Frontend and backend are two separate things with different requirements. A low level API at the core that can be used by the backend, native apps (as backend...
Ah, we should maybe do it inside the `if` clause. No need to retrieve a token if there is no cookie.
I am afraid that this is more complicated than I thought. In the sessions database table's serialized arrays I see `__SYM_COOKIE_PREFIX__` parts and also members data (using the prefix defined...
I re-read all these discussions and found a [comment from @brendo](https://github.com/symphonycms/symphony-2/issues/2118#issuecomment-49116679) (the "Frontend" part), but I haven't found the issue that he was referring to. So I don't know if...
What about keeping it really simple: We add a setting to the config file called `enable_xsrf_frontend`. If set to `yes`, a token (and a session) will be generated for every...
This will become more complicated. Imagine using the Storage extension, for example. You wouldn't need to be a member to build a basket. How can you ever be sure if...
That is what I [proposed above](#issuecomment-53192569),isn't it?
In my eyes it might simply be a setting which is not available on the preferences page, but in the config file exclusively. (We already have other "expert settings" there...