Quote:
Originally Posted by Robbie
I have a question...a couple of years back we encrypted the emails on our SQL database.
We use PhantomFrog for password protection...it immediately could no longer work.
Since it authenticates against the data base and checks for username and email in order to work...it fucked everything up.
So we unencrypted it again (we only encrypted it at the urging of the NATS techs to begin with).
Here is my question: How do you get around something like that if you have the emails encrypted?
We do a lot of other things in our members area at Claudia Marie (member profiles, etc.) that also depend on username/email to authenticate (not to mention two different members areas, one for affiliate joins and one for type ins that also require that info).
If a persons setup NEEDED to have the emails unencrypted...does MPA3 give them that option?
|
If a client requests that the emails are not encrypted - no problem.
But there is no need for that. Our integration with PhantomFrog is set
so that they contact an MPA3 script to change the member's password, and
MPA3 sends an email to the members notifying them that their password has
changed, and providing them the new password.
If public/private keys encryption is used, MPA3 can send a request to a
server where the private key is, and this other server can send the
email.
Or we can queue the emails that need to be sent in the MPA3 db, and
the server that has the private key can connect to the MPA3 db,
decrypt the addresses, and send the queued emails.