[phpesp-dev] Proposed changes.

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

I've fielded several problems lately on #phpESP relating to the
mysql_populate.sql script.  It appears it is failing on mySQL vs 4 and
above.
The fix looks to be simply changing all:
NOT NULL DEFAULT '',
to:
NOT NULL,

See bug #: 890830

I want to commit these changes to CVS, any commments?

Also, I've had a feature request tagged to me for a while to implement
LDAP respondent accounts.  I have this implemented in a way that works
for us(MUSC), but it's done in a way that would allow for other
authentication methods to easily be used.  Instead of extending the
account/authentication functionality inside ESP, I choose to implement
the concept of a "valid URI" that a survey can be called from.  Then
from Apache you can use any authentication method it supports(which is
huge) to limit access to the Survey.

For example:
- The directory .../phpESP/public/access-ldap/ exists

- The valid URI for a survey is access-ldap

- Apache is configure as:
<Location /access-ldap/>
  AuthName "(LDAP ID and Password)"
  AuthType Basic
  AuthLDAP  "some ldap config here"
  require valid-user
</Location>

- The survey is activated.

- It is accessed by the normal "/public/survey.php?name=blah" url and
access is denied.

- It is accessed by the "secured" URL
"/public/access-ldap/survey.php?name=blah", a "Basic Auth" login is
prompted by Apache.  If the user has a valid account, they can access
the survey.

Do you guys like this approach?  Hope I managed to explain it well
enough.  If so, I'll clean it up and send out a patch that against CVS
for testing.  If not, I'll keep it as a local extension.  I'll take no
response as a "go a head and do it" (-:

-- 
mcg
--
The IT Lab (http://www.itlab.musc.edu)