[HacktionLab] progress on registration form

Mike Harris mike at mbharris.co.uk
Tue Apr 27 08:16:53 BST 2010 

Hi Yoss,

See my in-posting below.

On 26/04/2010 10:05, yossarian wrote:
> Hi, I've made some progress on the registration form although it's not
> totally done yet (the basic taking of signup info works, but I'm
> planning to build a little admin system and I need to be able to secure
> that).
>   
nice one.
> Some stuff that'd help:
>
> a) we need somewhere to host it, so can I either get something like
> registration.hacktivista.net pointed at 93.93.128.151 or login creds for
> somewhere else to put it (I don't mind setting up another box as long as
> it'd Debian-based :)).  I don't have a strong preference which way this
> goes, it's a little less work if it's on my box but it might be nice if
> other people could easily tweak the app (stylesheets etc) and it might
> be easier to do that on a box that more people had access to.
>   
I can get the DNS set up to point that URL to that IP.

Elsewise we can just host the page under the current HL site (a Psand -
read trusted - virtual server) under a URL such as
hacktivista.net/barncamp/register/ ...

What is it written in?  If it's Rails then perhaps you could host it on
Escapegoat, else if it's PHP, I'm happy with it on the Psand vs, I can
easily set up ssh access for a number of people to manipulate the site
on that box.
> b) I assume that the signup app should enforce SSL on the registration,
> that any admin system stuff should be done over an encrypted connection,
> and that I should be using a self-signed certificate, are these
> assumptions correct?  People are going to get the Big Scary Security
> warning, is that ok?
>   
An admin system will be neat, but the most important thing for us is to
get the registration form up ASAP, so it wouldn't be great to hold off
the role out of the booking form for an admin system.

As output from this system we only really need the ability to pull the
data out of the database into CSV format, so it can be imported into a
spreadsheet and correlated with payments.  An alternative quick
interface would be a simple HTML listing of all the bookings.

Obviously go for what you're up for doing, but don't get carried away
and put loads of time in unless you want to, as I said the main
requirement here is to get the bookings form on-line ASAP in order to
start taking bookings and payments, and to be able to extract the data
out in one form or another.

SSL-wise.  Hmm, good question.  Well we're not taking payments over this
system (paypal will be used and they use SSL) so I think we could get
away with not having SSL on the booking form, so as to avoid that bloody
warning, which tends to put people off.  We ought to use SSL on the
admin side perhaps, or at least a password protected URL such as
register.hacktivista.net/admin/

> Yossarian
>
>
> _______________________________________________
> HacktionLab mailing list
> HacktionLab at lists.psand.net
> http://lists.psand.net/cgi-bin/mailman/listinfo/hacktionlab
>
>
>

More information about the HacktionLab mailing list