Issue #659 has been updated by Clément OUDOT. Target version changed from self-service-password-? to self-service-password-0.9
---------------------------------------- Feature #659: Partially hide mobile phone number, to prevent username to phone number lookups (privacy) http://tools.lsc-project.org/issues/659 Author: Stephan Hughson Status: Assigned Priority: Normal Assigned to: Clément OUDOT Category: Self Service Password Target version: self-service-password-0.9 Thanks for the self service password reset tool, first of all. It's very useful. There was a slight privacy issue for our users, as you can look up a user's mobile number just by knowing the username. In some companies that's ok but not all. I have adjusted the code slightly in my installation but I think it may be a useful feature for everyone. Please excuse my poor coding... In config.inc.php , I added a variable: ## SMS # Use sms $use_sms = true; # GSM number attribute $sms_attribute = "mobile"; # Partially hide number $sms_partially_hide_number = true; Then in sendsms.php , on line 234: <td><?php if ($sms_partially_hide_number) echo (substr_replace($sms, '****', 4 , 4)); else echo $sms;?></td></tr> so the phone number is displayed for the user to confirm, but not all of it. Thanks for your help. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
_______________________________________________ ltb-dev mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-dev
