PHPJunkyard support forum


https://developers.phpjunkyard.com/

Username and Client Login Area

https://developers.phpjunkyard.com/viewtopic.php?t=512

Page 1 of 1

Username and Client Login Area

Posted: Fri Nov 11, 2005 2:12 am
by kingz
Script URL: HelpDesk Software by phpjunkyard
Version of script: 0.93.1
Version of PHP: 4-5
Hosting company: My Self


I would like to have a add-on that makes it so people need to sign up for a account before posting a ticket and then existing users can login View there tickets the closed ones and open ones! This feature would remove the look-up ticket area so that only the user themselves can look at there tickets they made!

I think this will allow for a more secure helpdesk as if a person now would submit something private anyone with the ticket # can read it!

Posted: Fri Nov 11, 2005 10:46 pm
by Klemen
Hi,

I'm not sure if I will ever add that, will see. But if u look at it the tracking ID does work kind of like a password, it's a bit hard to guess IDs like "Y8QDME2PHB", "HQNUMW827S" etc, isn't it? Unless you know it u can't read others tickets as a visitor/customer.

Regards

update!

Posted: Sat Nov 12, 2005 1:22 am
by kingz
Well lets say they have a scanner and is just go trough random codes till it finds some and if a user submits a request fro to change there password on cpanel or something this could be a very big security Risk! Having a username and password would allow people to sign up and then after setting up their profile name, URL, aim-yahoo-msn contact + more then they can just login and submit ticket without having to fill it all in! Maybe you can use this idea to make Helpdesk V2 or something!

All user have profile that only admin can see! Username password and no ticket can be view unless it admin or the user that made it! (requires login) Sound a bit advance but I but you can recall this as another script! Maybe i can help in developing it!

Re: update!

Posted: Sat Nov 12, 2005 12:07 pm
by Klemen
kingz wrote:Well lets say they have a scanner and is just go trough random codes till it finds some
Considering the odds of actually finding one and the time required to scan through all combinations... it would be easier to hire someone and just hack your server to get all the data. Just consider how many combinations there are ... 10 char long ID made of 29 different chars ... it's been a while since I had math some time ago but I believe that makes 472,733,756 which is A LOT.

I don't like the idea of Hesk V2 and will not be developing this at the moment. If you do have PHP knowledge feel free to add the login feature yourself.

Regards

Posted: Sat Nov 12, 2005 11:30 pm
by kingz
10 char long and ID made of 29 different chars sounds good but wouold it be easy for me to make it like maybe 20 char long thanks

Posted: Fri Feb 17, 2006 11:14 pm
by bart_arg
I use Hesk (no user id, no password) and use another script with user login and password.

About 90% of customers prefer Hesk. They don't like to register, remember user and password.

When they need to open a ticket, they don't have time. They want to do it fast.

In my spanish translation, customer has to identify himself with domain name and registered e-mail. That is enough for us as hosting providers
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited