[TYPO3-core] RFC: #15812: Add backend maintenance for login news
Ingo Renner
ingo at typo3.org
Wed Oct 6 15:35:52 CEST 2010
Sebastian Michaelsen wrote:
Hi Sebastian,
> I would not call it abuse but creative usage
please see below.
> The point is that you're adding a limitation for no good reasons as far
> as I understood it - correct me if i'm wrong.
The reason in essence was security. I wasn't sure about it in the first
place, but after having heard the opinions of security team members
that's the route we went. You can find the details earlier in the thread.
However your issue is a fine line to walk:
* You were using the system to _login_ users
* The feature is called (also was before) login _news_
... two completely different use cases.
So you should have chosen a different way from the beginning. Using the
login news feature of course was a low hanging fruit as you didn't have
to create a new hook, manipulate templates or anything else. However,
the feature clearly is supposed to be used for _displaying news_.
Please don't feel offended, but I guess when trying to look at it like
this you'll come to the same conclusion - that's what I hope at least.
IMO, for your purposes, you should create a new way to manipulate the
login screen instead of (ab)using the news system, you're clearly not
displaying news, do you?
grtz
Ingo
--
Ingo Renner
TYPO3 Core Developer, Release Manager TYPO3 4.2
More information about the TYPO3-team-core
mailing list