91 lines
3.1 KiB
PHP
<?php
display_header("Privacy policy");
?>

<article>
<h2> Privacy policy </h2>
My general approach to your privacy is to know as little as possible,
but I still do have access to some information; here is a quick overview.
If you have any questions about any details, feel free to check out the
source repo or shoot me an email, both are linked in the footer.
<h3 id="Logs"> Logs </h3>
This is at the very top because it affects <b>every visitor</b>.
I do currently have default Apache access logging turned on, so every
time you request a page I log it in the Common Log Format,
you can learn more about it
<a href="https://httpd.apache.org/docs/current/logs.html#common">here</a>.
But to sum up the information you are most likely to be interested in:
I know <b>which IP</b> address requested <b>what page</b> at <b>what time</b>.
<h3 id="Cookies"> Cookies </h3>
I do not save any cookies by default, but some actions on this
site might set the PHPSESSID cookie. You may learn more about when,
why and what it stores below.
<h4 style="margin-bottom: 8px;"> PHPSESSID </h4>
<ul>
<li>
<b> When? </b>
This cookie gets set when you log into your account.
</li>
<li>
<b> Why? </b>
I need to store the information about the logged-in user somewhere;
I do that on the server in a so-called session (which is basically a
storage of data that is unique for each visitor). And for the server to
know which session belongs to which user, it gives those users who
do have an active session a unique ID that can be used to connect you
to your data. This can obviously be used to track you across the site,
so I only set it when absolutely necessary.
</li>
<li>
<b> What? </b>
The session only contains the User class for the currently
logged-in user. It has the following properties:
<ul>
<li> user_id </li>
<li> user_name </li>
<li> permissions </li>
</ul>
You can learn more about what they mean in the
<a href="#Database">Database</a> section.
</li>
</ul>
<h3 id="Database"> Database </h3>
If you want to see the details, feel free to have a look at the SQL file
in the source code repo (linked in footer). But here I shall provide a
quick overview of all the data I store about every registered user:
<ul>
<li>
<b>user_id</b>
Unique ID of the user; it is used as a
<a href="https://en.wikipedia.org/wiki/Primary_key">primary key</a> for the table.
</li>
<li>
<b>username</b>
This is the username the user chose at registration.
</li>
<li>
<b>password</b>
This is the string representation of your passw- I'm just kidding,
it is the hash of your password as produced by the PHP password_hash()
function. I use the default algorithm, which is currently CRYPT_BLOWFISH.
</li>
<li>
<b>created_at</b>
This is the timestamp at creation of the account.
</li>
<li>
<b>permissions</b>
I use this to decide what user can do what; currently it is only
used to allow me to post blogs.
</li>
</ul>
<p>
And that should be all! I will try to update this page as needed, but
if something seems off to you <b>do shoot me an e-mail!</b>
</p>
</article>

<?php
include_once($COMMONS."/footer.php");
?>