[ic] For review - new Strap template for Interchange 5
Josh Lavin
jlavin at endpoint.com
Wed Nov 18 22:19:15 UTC 2015
Quoting Peter (peter at pajamian.dhs.org):
> On 08/08/2015 12:10 PM, Josh Lavin wrote:
> > The "Strap" template which Greg Hanson and I have been working on for a
> > couple years now has been updated to Bootstrap 3.x latest.
> >
> > If you weren't aware, Strap is a new template for IC 5.x, which is
> > completely modern HTML5 + CSS. It is based on the Bootstrap Framework,
> > and includes several improvements, such as SEO-friendly results,
> > better gift certs, checkout with usability features, etc (see more in
> > the link below).
> >
> > In preparation for replacing the old "standard" template for IC, I could
> > use some help in reviewing the "strap" template, to ensure it is ready
> > for prime-time.
>
> I just got around to having a look at some of the code for this and have
> a couple of suggestions:
>
> 1. Customer and affiliate passwords should be encrypted with bcrypt,
> not plain text. I think the time for allowing plain text storage of
> passwords is long past and IC is perfectly capable of using the current
> recommendation for this which is bcrypt.
>
> 2. Not a strap issue, but admin passwords should also be bcrypt now,
> not old crypt.
Thanks, Peter. These have both been addressed, and pushed live.
--
Josh Lavin
End Point Corporation
More information about the interchange-users
mailing list