Menu
▾
▴
Re: [phpesp-general] How do you show public results?
|
From: James E. F. <jf...@ac...> - 2002-04-19 15:29:19
|
Nope not at all, authentication is not needed. If you take a look at the handler code, it checks the local variable "$results" and if it is set to true it show results rather than the survey. However, it makes sure that $HTTP_(GET|POST)_VARS['results'] are not set, so that arbitrary web users cannot see the information (by setting results in the URL). For private surveys, the handler requires authentication, so therefor the results of private surveys require authentication too. The 'test.php' script I have on the sf.net servers basically bypasses the check of GET vars, so that I can put "results=1" on the URL (as I did below) without getting "security violation" errors. So for example if you have this: <?php $sid=42; include('.../handler.php'); ?> try this in another page: <?php $sid=42; $results=1; include('.../handler.php'); ?> Hope that helps. Take it easy, -James On Thu, 18 Apr 2002, Cédric Levasseur wrote: > James E. Flemer wrote: > > I have posted a survey to get some feedback on the policy > > used for the "return" link on completed surveys. If you > > have an opinion please take 5 seconds to submit a response > > (only two questions). > > > > Vote: > > http://phpesp.sf.net/demo/test.php?sid=2944&userid=general > > Results: > > http://phpesp.sf.net/demo/test.php?sid=2944&results=1 > > Please let me know how do you make public results on a survey like this. > Shouldn't repondents need to authenticate into administration to show > these results? > > Thanks > Cédric |
