I am using forms authentication and have provided a couple of searh boxes to allow searching by username and email address.
So, I can do this to search by name
Membership.FindUsersByName(username, page-1, PageSize, out total);
and I can do this to search by email address
Membership.FindUsersByEmail(email, page-1, PageSize, out total);
Problem is that in the case when the user searches for a username and an email address at the same time I am going to bring back all users with a particular email address and then do a search within that to get all users who match the user name specified. I won't be able to page the first call. If there are a large number of users brought back in the first call then this could have a performance impact.
Is there any solution to this?
Thanks,
sachin
Related
I am working on a function that allows a user to check if their existing device contacts are using our platform, based on phone numbers.
For privacy and security, we are hashing the user's contact's phone numbers on device (salted with the user's id) before sending to our server.
Server side, we then need to hash our entire contacts table (using the user's id as a salt), which is currently being done in a for loop.
We then check this list against the request list, and return the details for any matches.
However, I'm sure there is a more efficient way of doing this, something like computing the hash in a calculated field then including the $request->hashes in a "whereIn" clause.
Could someone give me a pointer on the best approach to be taking here?
The question is, what privacy and security are you achieving by sending hashed value of contact number?
You are hasing the contact in client side(device), that means you are using a key and salt that is available in clinet side already. How can that be a security feature?
If you want to search hashed value in database then it's better to save hashed contract number in a column in the first place. So you can directly run where query in database table.
Ideally, if you really concern about user's contact number you should:
Encrypt the user's contacts in backend/databse not in frontend.
If you need to query for a field in database then you should make a hash valued column that can be matched easily. I mean searchable fields should be hashed so you can run direct query.
Nothing to worry about user's contact security in frontend if you are already passing it trhough Secure HTTP(HTTPS).
Even it a common practice in the industry, to pass a submitted plain password via HTTPS when a user submit it in frontend. It shouln't be a concern of privacy or security.
I am trying to get historical data for all of our Yammer posts. We are very active, and like to look back sometimes. The data is loaded into a data warehouse.
For current messages, I get a list of users and then match messages against the user list. I can then use the email address as a unique identifier for the user (our users likes to change their names on the network to goofy names, or to someone else's name) to match it up with the rest of the user information we have for them.
The problem is that I when I start going back in time with the messages, the only information I get about a user is the ID and the username for users that are suspended or deleted. I can't seem to establish a way to match the username against a person. Some of the usernames contain periods (firstname.lastname), and other don't.
Is there any way to get the email address of the suspended/deleted user?
I am trying to search through "my contacts" on my google account. The account belongs to a Google for Business domain. I have already managed to retrieve all contacts which works by querying to the following url:
https://www.google.com/m8/feeds/contacts/{userEmail}/full
or
https://www.google.com/m8/feeds/contacts/default/full
Now, when I search using the q=searchString or myQuery.setFullTextQuery(searchString); (in Java). I only get some of the results. In particular contacts that I have created and do not belong to the same domain as me.
I assume that this has to do with the fact that google has not stored a name entry for contacts tha have a directory profile. Thus it will only search within their email address (and if I'm lucky and the email address contains the name only then it will find it).
As a workaround I also get all the profiles (which does not seem to work with a full text search string) from the domain and then merge/parse them in order to get the results I need.
My question now is, is there a single call in order to retrieve ALL contacts (from my contacts) that contain a specific search string in either the NAME (first and last), EMAIL and perhaps field labels?
I do not see a point of using a full text search string when the contact entries that have a directory profile do not contain any name... (it is stored in the profile).
Many thanks in advance!
You should fill all fields manually(only primary email and photo shared between directory profile and your contact) in contact entry. So you can't find in one request all that you need
How to search for people in Google Plus using email?
e.g. this query never returns anything:
https://www.googleapis.com/plus/v1/people?query=[email_address]#gmail.com&key=MY_KEY
I tried a db of a thousand emails at least,
Also I have an account with very strange name, when I search by name I get the result, but with email I don't , I tried to url encode the email but still it didn't work.
The email address must be set as a public field in the user's Google+ profile to be able to search and find that entry. The people.search method only searches public fields.
In my application I have an administrator who can create Tournament objects. When the object is created the service also creates a user (based on the tournament director's info which was entered at creation). The username for the user is the director's e-mail, the password is randomly generated and then mailed to the director.
When the director logs on with his e-mail address and password, I need to be able to link him to his own tournament, in order to only allow him to edit his own tournament's details. I have tried to find a way to store the TournamentId in the default ASP Net Users database, but was unsuccessful.
I had a look at this SO question which would certainly help me, but I can't figure out how it would apply to my problem. When the user logs on, I can't put the TournamentId in the userdata seeing as I don't know it.
Should I then do a lookup in the Tournament table to see which ID corresponds to the email address entered at login and store that in the userData? It seems quite unelegant this way.
I guess you should have a CreatedBy column in your Tournament table where you store the ID of the user who created the tournament. Then when the user logged in, get his id ( may be from session ,if you store it there), Do a select query where CreatedBy=loggedInUserId .That should do the trick.