If there's really a need for opt-in, I think that the toolserver should provide a better method for authenticating users. Since most tools can't access user's passwords, maybe root should provide a single page where users can enter their site + username + password, and a cookie could be set, and it would redirect back to the original toolserver tool, and any toolserver tool can read that cookie to confirm the user is who they say they are. In this way, it would be much easier for any tool to implment an opt-in / opt-back-out mechanism, and it would be more user-friendly for end users as well. There are also tools that would be useful to provide to admins or checkuser accounts only, and a central authentication page would allow this to function as well. Currently, if admins want to use my tools to investigate possible sockpuppets or the like, they have to ask the sockpuppet to opt-in first. I think my current opt-in code is interesting, but it is not a long-term solution. It is too cumbersome for users to opt back out, or to ask for only specific features to be opted-in. -Dave On Sun, Aug 06, 2006 at 07:34:12PM +0200, Jakob Voss wrote: