Privacy policy
+ My general approach to your privacy is to know as little as possible, + but I still do have access to some information, here is a quick overview. + If you have any questions about any details, feel free to checkout the + source repo or shoot me an email, both are linked in the footer. +Logs
+ This is at the very top because it affects every visitor. + I do currently have default apache access logging turned on, so every + time you request a page I log it in the Common Log Format, + you can learn more about it + here. + But to sum up the information you are most likely to be interested in: + I know which IP address requested what page at what time. +Cookies
+ I do not save any cookies by default, but some actions on this + site might set the PHPSESSID cookie. You may learn more about when, + why and what it stores below. +PHPSESSID
+-
+
- + When? + This cookie gets set when you log into your account. + +
- + Why? + I need to store the information about the logged in user somewhere, + I do that on the server in a so-called session (which is basically a + storage of data that is unique for each visitor). And for the server to + know which session belongs to which user it gives those users which + do have an active session a unique ID that can be used to connect you + to your data. This can be obviously used to track you across the site, + so I only set it when absolutely neccesary. + +
-
+ What?
+ The session only contains the User class for the currently
+ logged-in user. It has the following properties:
+
-
+
- user_id +
- user_name +
- permissions +
+
Database
+ If you want to see the details, feel free to have a look at the sql file + in the source code repo (linked in footer). But here I shall provide a + quick overview of all the data I store about every registered user: +-
+
- + user_id + Unique id of the user, it is used as a + primary key + for the table. + +
- + username + This is the username the user chose at registration. + +
- + email + This is the e-mail address the user provided at registration. + +
- + password + This is the string representation of your passw- I'm just kidding, + it is the hash of your password as produced by the php password_hash() + function, I use the default algorithm, which is currently CRYPT_BLOWFISH. + +
- + created_at + This is the timestamp at creation of the account. + +
- + permissions + I use this to decide what user can do what, currently it is only + used to allow me to post blogs. + +
+ And that should be all! I will try to update this page as needed, but + if something seems off to you do shoot me an e-mail! +
+