[]
JoshPet said:It's much easier to use the thereads authenticate() function as we do here with the chat mods and such. Then you can use threads user groups to control access.
[/]
As mentioned by another poster below, this can easily be defeated. I want to implement a Java Chat, for example.
You told the the nick change function can be shut off in the paid version. Still I am sure this can be defeated. I don't want to tell her in public how someone can log in with a registered nick without the password, but I am quite sure I know of several methods.
Can you assure that in the chat no nick falsification is possible? Actually, in the case of the chat, the only safe way is to put the authentication with our database INTO the chat software. I did that once with the volano chat
Actually, I think with the .htaccess protection, if we protect all the chat files with it (the .js files), then it is hard to access the chat without the password, as the files cannot be obtained easily. But if the files are not on our server, then this would not do.
But for directories, the only safe way to protect them is apache .htaccess, not just hiding directories. Very easy to find out where they are hidden.