Small width layout Medium width layout Maximum width layout Small text Medium text Large text
     Search
Downloads Downloads Directory Directory Forums Forums Forge Forge Blogs Blogs        Marketplace Marketplace Careers Program Careers
Community › Forums Register  |  

AppTheory specializes in solutions based on the DotNetNuke platform and has 2 employees on the DotNetNuke Core Team.
  Need Help?  
Professional technical support for DotNetNuke is available from DotNetNuke Corporation.
 


  Ads  
WebHostForAsp.net
 


  Sponsors  

Meet Our Sponsors

DataSprings - Great Ideas. Always Flowing.
R2integrated - formerly bi4ce
Jango Studios - Skins, Modules and Hosting for DotNetNuke
eUKhost.com is commited to offer exceptional UK Windows Web Hosting solutions with quality 24x7 technical support.Our plans support ASP.Net, ASP, ASP.NET Ajax extensions, XML, MSSQL, MySQL, PHP,DNN, multiple domains and Shared SSL as standard.
SmarterTools
The Official Microsoft ASP.NET Website
 


DotNetNuke Forums
 
  Forum  General DotNetN...  Extend It! ( Pr...  URL Expiration
Previous Previous
 
Next Next
New Post 2/1/2008 2:29 PM
Unresolved
User is offline Gary Bruno
9 posts
10th Ranked


URL Expiration 

Mass emailing links to orders, private product, etc is something I do. Customer places an order to something and they receive an email for it. Standard thing right. I do not require the customers to logon to view that "order link" they received in there email. The combination of order#/date-placed is enough that brute forces attack will never yield anything useful to someone trying to figure out what has been ordered from us. This all breaks if the user copy/pastes that URL to somewhere & that URL ends up in the public. I needed a way to make that URL expire after X days.

Does anyone see a problem with adding any additional URL parm like

?secexp/AW*D(JP(@#R*$@#

that contains the experation date encrypted by the DotNetNuke.PortalSecurity.Encrypt(string,string) method?

 

I would then tweak the DotNetNuke.HttpModules.UrlRewriteModule to look for & decrypt the secexp parm & throw an HttpException if the date was not valid. Anyone see a fast way to hack that?
 
 Page 1 of 1
Previous Previous
 
Next Next
  Forum  General DotNetN...  Extend It! ( Pr...  URL Expiration
 


Forum Policy

These Discussion Forums are dedicated to the discussion of the DotNetNuke Web Application Framework.

For the benefit of the community and to protect the integrity of the project, please observe the following posting guidelines:

1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DotNetNuke.
2. Discussion or promotion of DotNetNuke product releases under a different brand name are strictly prohibited.
3. No Flaming or Trolling.
4. No Profanity, Racism, or Prejudice.
5. Site Moderators have the final word on approving/removing a thread or post or comment.
6. English language posting only, please.
 


TMA Resources
TMA Resources is a software company providing eBusiness solutions for the Association market.
www.tmaresources.com 		DotNetNuke Hosting Provider UK
UK leading DotNetNuke Hosting provider. Owned and operated by a Microsoft Gold Certified Partner.
www.DNN-Portals.co.uk 		Alliance Systems & Programming Inc
Alliance is not just our name... it's how we do business. We partner with our clients, learning their business processes and standards and then applying our expertise to help them improve their workflow and profitability.
www.Alliancesys.com

DotNetNuke Corporation   Terms Of Use  Privacy Statement
DotNetNuke®, DNN®, and the DotNetNuke logo are trademarks of DotNetNuke Corporation
Hosted by MaximumASP