Poll: Will interested to help share the cost of creating a registration-login module

Forums    Joomla Templates Club    JA Teline II    Poll: Will interested to help share the cost of creating a registration-login module
Viewing 15 posts - 1 through 15 (of 22 total)
1 2
  • Author
    Posts
  • cgc0202 Friend
    May 26, 2008 at 8:23 pm #128935

    Many people have expressed their desire to want a registration-login module, with some of the features of the Community Builder (by Joomlapolis) that will be updated for Joomla 1.5.x and its future versions.

    The Question:

    Will you be interested to help share the cost in the creation of such a registration-login module?

    Answer:

    Yes: if you would be willing to share the cost

    No => if not
    Not sure => well, if you cannot make up your mind.

    We should discuss what features we want of such a module.

    I hope you will respond positively. The cost for each would be less if more of us will share the total cost.

    Thanks.

    Cornelio

    subfighter Friend
    May 26, 2008 at 8:25 pm #250643

    well need to wait for them to release it.. any day now hopefully

    cgc0202 Friend
    May 26, 2008 at 9:06 pm #250646

    <em>@subfighter 55368 wrote:</em><blockquote>well need to wait for them to release it.. any day now hopefully</blockquote>

    Thanks for responding before I even finished the poll subfighter. I have a number of reasons why I am trying to find an alternative to the Community Builder.

    About Joomlapolis itself
    1) They are so slow in responding — think about 6-12 months from their previous responses to needed update because of Joomla update. This adds to the vulnerability of any Joomla site.

    2) The next version of CB v1.2 has been announced for many months. From what I read, they are trying to create a version that will be functional for all — Joomla 1.0.x, Joomla 1.5.x and their Mambo. Expect this to be bloated, and may be obsolete before it is ready because Joomla updates so fast whenever there is any vulnerability.

    3) The complexity of CB is that it includes so many default plug-ins and modules — because of its aim to become a Community Builder.

    The more of these extensions being added, the greater the chances of incompatibility. And, when something goes wrong, it takes forever to diagnose what went wrong.

    What is needed therefore would be a much simpler and lighter registration-login module that has the minimum components so that it can be easily modified. In my case, for example, it must address the following:

    a.) verification of email address
    b.) activation of account by registrant
    c.) password retrieval (with verification before it is sent)

    the above are already done by Joomla registration; however, the above may be easily circumvented by bots and spammers. So, there must be additional security measures added:

    d.) admin approval of valid registration => this may include requiring more information at the discretion of the admin.
    e.) use of captcha to further limit spammers

    Again, CB provides all this, and quite well actually. The CB captcha even has audio verification not found in many captcha.

    The only catch is that because of the other components lumped with CB, it is becoming bloated, and required thorough checkup before it is released. [ It is not as bad as Microsoft OS (I heard the latter is now more than 1billion of script commands or something like that).] Thus, the delay of many many months before a CB is released, and usually sometime more after that for the bugs to be solved. Then comes another Joomla update.

    The solution to this is to separate the core of the registration-login module (and related components) from the other features that are not germane to these functions.

    There are other features in a registration-login that needed to be addressed to thwart spam registration/login (apart from those already stated above).

    f) specification (by admin) of minimal number of letters, numbers or other symbols used in the username and password.

    g) security questions that must be answered by registrant, to improve security before new password is released (in case forgotten)

    h) defined number of allowed login (before a lock up for a defined period of time), at the discretion of the Admin

    i) a defined period of time before a password will elapsed and needed to be changed.

    The additional features are already found in some more secure CMS, like that of TikiWiki (an open source software) — so a very innovative programmer could even easily use that as a starting point.

    I am sure others like you might have some other features you want incorporated; but the goal must be to create a module that is as light as possible.

    I would be interested also if Joomlart management would actually be involved in this. Why? So that they could make sure to update it and test it with their templates, as Joomla is being updated too.

    The trouble with third party software is that if something goes wrong, and you ask for help, the first reaction is the possible incompatibility with other programs. Joomlapolis is unlikely to test it with every Joomlart template.

    Cornelio

    Menalto Friend
    May 26, 2008 at 9:17 pm #250648

    When the new CB is out, its way more easy to get a custom log in module made, with the new options in it etc.
    I suggest to wait until CB is released for public.

    cgc0202 Friend
    May 27, 2008 at 4:01 am #250678

    Thanks for responding Menalto.

    Frankly, I am trying to find an alternative to CB by Joomlapolis. They are too slow in their update and the entire CB keeps on adding too many extensions. Some of them may be interferring with the other extensions I am using — causing some problems.

    I understand that Joomla staff itself is working on this issue, and is in the “white paper” stage. This would be good because the “registration-login” would be updated in line with any Joomla update. However, it won’t be implemented until Joomla 1.6x. — that may be a year or so, or even longer from now. Obviously, the core staff did not consider it a big issue, so I do not know how much effort they are placing in resolving this problem.

    Cornelio

    rimas Friend
    July 30, 2008 at 12:11 pm #263060

    Have you find anything ? Anyone made CB login module for Teline II ?

    cgc0202 Friend
    July 30, 2008 at 2:09 pm #263075

    <em>@rimas 70536 wrote:</em><blockquote>Have you find anything ? Anyone made CB login module for Teline II ?</blockquote>

    There is not much support for it right now, rimas. Would you be willing to help pay for an alternative? We may do that through the Collaborative Support Group, where member will share the cost to pay for extensions needed.

    Cornelio

    rimas Friend
    July 31, 2008 at 6:53 am #263165

    My project is non commercial but I think I could pay some money. How much is it ? How many members interested ?

    cgc0202 Friend
    July 31, 2008 at 4:42 pm #263232

    <em>@rimas 70685 wrote:</em><blockquote>My project is non commercial but I think I could pay some money. How much is it ? How many members interested ?</blockquote>

    Hi rimas,

    How soon do you need it?

    What version of Joomla are you using for the Teline II, rimas? The old CB Login works for Joomla 1.0x. I just have to place the CB Login either on the “left” or “right” position. Not at the top.

    I do not like placing a login at the top in the same line as the logo section anyway, where it is placed now. I want it somewhere well at the very top or elsewhere.

    I tried the CB v1.2RC(???) but it is not working for me for the Joomla 1.5x. Right now, I am using the default registration/login of Joomla, and I do not like it at all. I cannot have the option to approve those who register. This is very criical, for some purposes, like you want to limit who can have access to the site, or you want to avoid spamming.

    As you can see from the poll, there is not much interest, so I have not asked anyone yet to do the work.

    The power of numbers

    Just imagine if it costs $200-$500 to have such a script, and there are these many people sharing the cost:

    10 people => $20-50 each
    100 peopl => $ 2-5 each
    1000 people => $0.2-$0.5 each

    The cheaper cost burden per person if there are enough of us. That is why we who create websites have to band together. We need more than templates. And, there will always be times that we need other stuff, apart from the one discussed here.

    Cornelio

    mj1256 Friend
    July 31, 2008 at 5:42 pm #263242

    that doesn’t make any sense. if there is a demand for it, why shouldn’t JA just make the module and then charge for it.

    that makes more sense from a business point of view.

    bossep Friend
    July 31, 2008 at 7:23 pm #263251

    Hello Cornelio,
    Well the idea sounds good. But don’t you think there is something out there that works?
    I am actually writing something similar in ColdFusion just now. But it is a complete security package.
    But let me tell you it is not as easy as you might think.
    I do believe that just by adding captcha functionality to the current login system should probably solve a lot of problems. If you need more security, then it has to be pretty well defined taking in consideration the security or lack of it in PHP, MySQL and Joomla. Also should it use SSL, encryption of the extension or something else? Remember a security system is not stronger than its weakest link.
    So let’s draw up the specs before hitting the development, always a good idea.

    I could probably pay some <$100 if it will be a FREE for all. I am not interested to pay for something someone else makes money on! NOT good business practice in my opinion.

    Bosse

    cgc0202 Friend
    July 31, 2008 at 7:58 pm #263258

    <em>@mj1256 70794 wrote:</em><blockquote>that doesn’t make any sense. if there is a demand for it, why shouldn’t JA just make the module and then charge for it.

    that makes more sense from a business point of view.</blockquote>

    Think of it this way mj, why is Toyota the largest automaker in the world now, while all the three big US automakers have lost billions of dollars (Chrysler even is in private hands now). A conservative (in the American lingo) would blame the big union of the auto-industry as the source of the all the problem, but if you dig deeper, the management who are paid tens of millions of dollars, even when the company is losing money — made no business sense. You may not agree with the perspective of John Kenneth Galbraith, a Keynesian and quite liberal in his outlook, but his book “The New Industrial State” is a good analysis of what ails business in America (well mostly), today.

    The Japanese automakers, after the initial shock of the 1970(?), has consistently improved their car efficiency. Japan, after all is more dependent on foreign energy sources, and all raw materials sources, at the time. How did the “great thinkers who made business sense” in America respond? When US Congress tried to pass laws to improve energy efficiency of vehicles in the US, the auto industry used all their political chips to skuttle this. In fact, when SUVs have become the status symbol, not only have they fueled the craving, but found loopholes to further get away from energy efficiency initiatives.

    Then, 2008 came — where $4 per gallon became the thing. Still cheaper than most places in the world, but that is a doubling in price, from just more than a year ago.

    So, in the real world, people, or leaders do not always do what made business sense. And these are people who are supposed to be the best minds of the US business making the decisions.

    To bring this back to the topic here, the answer is quite simple — the interest or focus of Joomlart may not be the same as that of the customers. What would be good for the customers who want it, may not be profitable enough for Joomlart. And, even if it were so, there is a caution because of the mindset of some Joomlart customers

    Just consider this, when Hung stated that they will charge an extra price for the new Extensions being tested (above), the knee-jerk reaction of some customers was a sense of entitlement:

    “I paid my $70, I should get everything free — that is what the Joomlart ads (or so they claim) stated.”

    With such attitude, how would it make business sense to Joomlart to cater to a very very small minority of their more than 20,000 satisfied customer that want something different from the standard Community Builder? The Poll participation does not support an overwhelming interest. And, among the responders, there are more who are not inclined to participate.

    So, it does not make sense for Joomlart, or for that matter most Joomlart customers. Bt, if a customer really wants it, what makes business sense to them is to band together to minimize their cost, as shown in the “power of numbers”.

    Surely you would concede that you would rather pay $50 than $500?

    If that does not make sense to you, then there is no sense to even pursue the matter.

    Cornelio

    bossep Friend
    July 31, 2008 at 8:15 pm #263261

    Hello Cornelio,
    Do you have somting installed on your local machine so you can use localhost?
    I dont as I run on a client/server platform here.
    If that is so could you please test this?
    http://www.joomlapi.com/admin-user-access/

    Bosse

    bossep Friend
    July 31, 2008 at 8:20 pm #263262

    Cornelio,

    Who is going to develop this thing?
    What does the budget look like?
    What does the specs look like?
    What does the people “investing” get? Free use of the Extension or?

    Bosse

    cgc0202 Friend
    July 31, 2008 at 8:32 pm #263264

    <em>@bossep 70808 wrote:</em><blockquote>Hello Cornelio,
    Well the idea sounds good. But don’t you think there is something out there that works?
    I am actually writing something similar in ColdFusion just now. But it is a complete security package.
    But let me tell you it is not as easy as you might think.
    I do believe that just by adding captcha functionality to the current login system should probably solve a lot of problems. If you need more security, then it has to be pretty well defined taking in consideration the security or lack of it in PHP, MySQL and Joomla. Also should it use SSL, encryption of the extension or something else? Remember a security system is not stronger than its weakest link.
    So let’s draw up the specs before hitting the development, always a good idea.
    </blockquote>

    Hi Bosse,

    The bottom line is this, if one who is good enough wants it badly enough to attack your site, they can do it. I forgot which country in Eastern Europe now, not sure if it was Lithuania or one of those with large Russian population. The Russians objected to the moving of the statue of a Russian hero to a much less conspicuous place. So, there was this internet attack that was not really even made secret — all the best minds in internet security from all over the world tried to either help or at least observe.

    All the best minds in the world were not able to fend the attack, they were just able to minimize the impact.

    it is easier to destroy than to build. If only all people are decent…:)

    And, if you read the papers, the past few days or attuned to security issues that has been known to inner circles, there is an even greater threat than all those you stated, or we are talking about..

    I am quite aware of the issues you stated, one of the reasons why it took me time to even consider Joomla. So, you address them in stages. First, the most annoying. Those that take so much of your time — the spammers and the bots.

    Some of the issues dealing with security are called in general as ACL (Access Control List) — the permissions systems. Joomla has one of the most primitive ones.

    There are more of course, and it could be as simple as common sense. For example, you can take all the security precautions to protect your house, but if you leave your door open, what good would it do?

    An example of leaving your door would be, a very insecure password.

    Just to bring home the reality of security, I was careful to use my credit cards, and yet my identify was still stolen. It is good that Charles Schwab knew my payments habits (a privacy concern) but it helped them detect right away that some charges to my account looked fraudulent, and called me right away. That was not the case with one of my cards. I found it out only by mistake.

    Alas, we live in dangerous world, especially now made legal and very lucrative industry to sell personal information. More so because people value the essence of privacy, these days.

    <em>@bossep 70808 wrote:</em><blockquote>
    I could probably pay some <$100 if it will be a FREE for all. I am not interested to pay for something someone else makes money on! NOT good business practice in my opinion.
    Bosse</blockquote>

    Well, you are paying for this Teline II template. Someone is making money out of it, so I heard.:) I have no objection to people making money — after all we have to earn something to feed that hungry stomach.

    In a more ideal world, what I envision is a place where those who did the most work, and the most good will be making the money.

    I see no sense in people getting richer, just because they were born simply with a silver spoon. Nor do I see logic in “stock market” speculators becoming the king makers these days.

    I had this idea since I was an idealistic student that “wealth is a social phenomenon”.

    Cornelio

  • Author
    Posts
Viewing 15 posts - 1 through 15 (of 22 total)
1 2

This topic contains 22 replies, has 10 voices, and was last updated by  joof 15 years, 4 months ago.

We moved to new unified forum. Please post all new support queries in our New Forum

Important Notice :

New Unified Portal is live

Must Read

Jump to forum

Categories