X-Git-Url: http://git.pjr.cc/?p=ga4php.git;a=blobdiff_plain;f=example%2Factivedirectory%2Findex.php;h=c58a44b990b37a113216bed929223eac94104ec4;hp=bf25053caeba08c7bbc951172d3eef4c7d50905e;hb=e49465df93deb42c68a52f47af9b3d5d02e114d6;hpb=c4484d8c40116c1acf7287b7ad22cdf2c87e0bbe diff --git a/example/activedirectory/index.php b/example/activedirectory/index.php index bf25053..c58a44b 100644 --- a/example/activedirectory/index.php +++ b/example/activedirectory/index.php @@ -4,7 +4,16 @@ * AD has several attributes you can use for storing your own data, and * thats what we use * - * This is only the beginning code, + * This is only the beginning code, for starters we need some way of encrypting + * the data we put in AD cause the extensionAttributes1-15 are globally readable + * and thus the token is completely insecure. This is easy to fix though as the + * encryption just needs to be a static set key within the class that puts/gets + * data. At least, for the example we should set a GOOD example and do this + * other implementations might even want to implement their own schema such that + * permissions around that token key are strict in the schema, however encrypting + * the data is not a bad idea. The key for the encrypted data can be very long + * and very random as its not designed for user interaction, though it should be + * backed up occasionally */ // set these
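Review bot: The added comment lines proposing "a static set key within the class that puts/gets data" recommend keeping the decryption key in the same source file that reads the globally readable extensionAttributes, so anyone who can read the repository or the deployed index.php could decrypt every stored token. Suggest rewording the plan so the key is loaded from a configuration file or environment setting outside the class, with restrictive file permissions, and stating that the encryption should be authenticated so a tampered attribute value is rejected rather than decrypted. This hunk changes only the comment, so the text should be marked as a TODO to make clear the token is still written to AD unencrypted. The "backed up occasionally" remark deserves one more sentence saying where the backup lives, since losing the key invalidates every enrolled token. Minor: "extensionAttributes1-15" should read extensionAttribute1 through extensionAttribute15, "its" should be "it's", and the sentence ending "and do this" runs into "other implementations" without a full stop.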