Admin-Configurable Salt #3

@jtickle

Banner IDs in SLC are hashed before insertion into the database in order to prevent anyone from being able to track an issue back to a particular person. There is a little bit of security through obscurity going on here and it is not a perfect solution, but in this case we believe it is sufficient.

When this was a private project, this hash was simply defined at the top of slc/inc/defines.php, like so:

define('ENCODE_SALT', 'super duper secret');

Although having the salt doesn't make it a lot easier to reverse these hashes, we prefer to keep it secret and changeable.

Please use PHPWS_Settings to create a setting for this, call it "encode_salt", and make sure to use it in the encode() function in inc/functions.php. Also, there will need to be an addition to the settings interface for SLC where this can be set, only by a deity.
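
One way the requested change could look, as an added example that is not SLC's own code: `SettingsStub` stands in for PHPWS_Settings, and `encode_banner_id()`, the `slc` module key and the use of HMAC-SHA256 are assumptions. It also shows the consequence of making the salt changeable: hashes stored under the old value stop matching.

```php
<?php
// Stand-in for PHPWS_Settings so the example runs on its own (assumption:
// the real class and its API are not shown on the page).
final class SettingsStub
{
    private static array $store = [];

    public static function set(string $module, string $key, string $value): void
    {
        self::$store[$module][$key] = $value;
    }

    public static function get(string $module, string $key): ?string
    {
        return self::$store[$module][$key] ?? null;
    }
}

// Hypothetical replacement for encode(): keyed hash of a Banner ID using the
// "encode_salt" setting. HMAC-SHA256 is an assumption, not the project's choice.
function encode_banner_id(string $bannerId): string
{
    $salt = SettingsStub::get('slc', 'encode_salt');
    if ($salt === null || $salt === '') {
        // Fail closed: never fall back to an empty or built-in default salt.
        throw new RuntimeException('encode_salt is not configured');
    }
    return hash_hmac('sha256', $bannerId, $salt);
}

$id = '900000001'; // constructed sample value

try {
    encode_banner_id($id);
} catch (RuntimeException $e) {
    echo "unconfigured: ", $e->getMessage(), PHP_EOL;
}

SettingsStub::set('slc', 'encode_salt', 'first constructed salt');
$a = encode_banner_id($id);
echo "stable:  ", var_export(hash_equals($a, encode_banner_id($id)), true), PHP_EOL;

// Changing the setting changes every hash, so rows stored under the old salt
// no longer match lookups for the same person.
SettingsStub::set('slc', 'encode_salt', 'second constructed salt');
echo "rotated: ", var_export(hash_equals($a, encode_banner_id($id)), true), PHP_EOL;
```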
