CodeIgniter Community Voice - Michael Wales

[eluser]Derek Allard[/eluser]
EllisLab is blessed with two of the greatest communities that can be found anywhere on the internet in ExpressionEngine and more recently CodeIgniter. Despite being a relative newcomer to the scene, the people attracted to CodeIgniter are among the smartest, most talented and down-to-earth developers around today. From time to time we want to highlight some of these talented people, and we've asked them to lend their voice to ours. Have your voice. I hope you enjoy what they have to say as much as I did.

This week, our Community Voice author is Michael Wales, a programmer, a father, an aspiring author, and an award winning Airman. For the past 3 years, he's been focusing the majority of his time on CodeIgniter. He is among the most consistent contributors to the community, has released numerous libraries and tutorials, and is one of the most highly sought after freelancers within the community.

What follows is a summary in his own words of how CodeIgniter has changed how he works, and how he develops.

Read the full article

[eluser]BoltClock[/eluser]
Awesome. I've been feeling bad that I haven't appreciated the CI community as much as I used to last year, and all because I've been taking a break from both CI and PHP in general.

I should hang around much more often. CI rocks. We all rock.

[eluser]sikkle[/eluser]
I just take two minutes to say i totally agree, whales put effort and make decent contribution for ci.

good luck with your new challenge M. Whales.

[eluser]Eric Cope[/eluser]
Michael has helped me on several issues. His contributions here are fantastic. Congrats on the accolades.

[eluser]Derek Allard[/eluser]
Yeah, Michael is a heck of a guy. We're lucky to have him, and many, many (many) other smart people who make this community a better place.

[eluser]Lewis[/eluser]
[quote author="Derek Allard" date="1213951249"]I know what you’re thinking. If the database is stolen they’ve got the password and the dynamic salt “What good is that?!” This is where a static salt comes in. [/quote]

Not entirely true. A salt makes the hash completely different. This means that the most practical method of using hash rainbow tables (a dictionary of pre-computed hashes and their original values) is useless.

So it's still 99% effective and something everyone should do. Even a simple static hash is better than nothing, and they're no trouble to implement. It's just a shame sites still insist on storing passwords in plaintext.

[eluser]Derek Allard[/eluser]
Lewis, I think that's out of context, and mis-attributed to me. Is this where you want that published?

[eluser]Eric Cope[/eluser]
[quote author="Lewis" date="1214881652"][quote author="Derek Allard" date="1213951249"]I know what you’re thinking. If the database is stolen they’ve got the password and the dynamic salt “What good is that?!” This is where a static salt comes in. [/quote]

Not entirely true. A salt makes the hash completely different. This means that the most practical method of using hash rainbow tables (a dictionary of pre-computed hashes and their original values) is useless.

So it's still 99% effective and something everyone should do. Even a simple static hash is better than nothing, and they're no trouble to implement. It's just a shame sites still insist on storing passwords in plaintext.[/quote]

I like comments out of left field. It always keeps me on my toes.

[eluser]Colin Williams[/eluser]
This was very well written, albeit rather gushy, by Mr. Whales. Good luck, Michael.