RE: [Phplib-users] Auth working with a twist
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
RE: [Phplib-users] Auth working with a twist
|
From: Rob H. <rob...@ws...> - 2002-10-13 17:15:32
|
OK, I figured out what it was. You guys are gonna love this. I have JavaScript doing the redirect (as I mentioned earlier). But in the href of the anchor I had "", but not target or anything, so the anchor looks something like this (it does other things, this is just an example). <a href="" onClick="document.all.innerFrameName.src = 'pagename.php?again=yes'; return true"> This way, it displayed the page in innerFrameName, then immediately refreshed it. But adding a # to the href so the anchor became <a href="#" onClick="document.all.innerFrameName.src = 'pagename.php?again=yes'; return true"> now it does not do the immediate refresh. I would expect this on one browser, but I was seeing it cross platform, cross browser. Now, the problem is if I change it to a # and click on it a second time, it does not do anything, but if I leave off the #, then it doesn't work at all on Mozilla or Netscape. AHHH! Rob Hutton Web Safe www.wsafe.com > -----Original Message----- > From: Giancarlo [mailto:gia...@na...] > Sent: Sunday, October 13, 2002 4:02 AM > To: rob...@ws... > Cc: phplib-users > Subject: Re: [Phplib-users] Auth working with a twist > > > Il 02:44, domenica 13 ottobre 2002, hai scritto: > > > Just to run down again, I have a page with an IFRAME imbedded > in it. The > > problem that I am seeing is that the content in the IFRAME is actually > > being loaded, and then immediately reloaded by the browser. So > since I am > > using default auth, I see the login page flash, then the protected page > > appears, because the first time through the again is stripped > off, then the > > page is reloaded, and it falls through the login_if. > > But if you saw the loginform somehow, that means your auth there does not > exist anymore. > Once $auth->unauth() or auth->logout has bee called (and it is > called before > splashing the form), how can then you see again a protected page? > From that > moment, the $auth in your session says you're not authed... > So, on any reload, it would be not login_if that decides, but the > auth->start > in page.inc, that happens before login_if. > So the problem I think is that the session is not freezed for > some reason. > > Inside login_if, basically you are unauthed, the session is > freezed, and the > script exits. So if you could place some echoes just after each of these > necessary calls, and see what the $auth->auth[uid] is like, we > could have a > clue. Or you could try the test defauth.php3 and showoff.php3 > pages with your > 'features' in page_open, and see what happens (if the counters increase > mainly).. > > That login_if can easily become a mini app, that logins/registers users > etc... It is already a bit out_of_place there, inside the auth class. > > Gian > > > So, first of all, has anyone seen a browser refresh a frame > immediately > > when it is loaded before. Is this common behavior? I've never seen it. > > Secondly, the regex that removes the "again" looks like it removes > > > everything after the ?. > > Till the next '&' or end_of_string I think it is... > > > This isn't a good idea IMHO because you can't pass > > variables to the page. Am I reading it wrong? and if not, should it be > > made more specific to just remove the "again". I'm not a regex person. > > > > > > Rob Hutton > > Web Safe > > www.wsafe.com > > > > ********************************************************************** > > > > Introducing Symantec Client Security - Integrated Anti-Virus, > > Firewall, and Intrusion Detection for the Client. > > > > Learn more: > > http://enterprisesecurity.symantec.com/symes238.cfm?JID=2&PID=11624271 > > > > View our Symantec Client Security Demo: > > http://enterprisesecurity.symantec.com/symes238.cfm?JID=3&PID=11624271 > > > > Download the Symantec Client Security Fact Sheet: > > http://enterprisesecurity.symantec.com/symes238.cfm?JID=4&PID=11624271 > > > > Download the Symantec Client Security Brochure: > > http://enterprisesecurity.symantec.com/symes238.cfm?JID=5&PID=11624271 > > > > > > > > > > ------------------------------------------------------- > > This sf.net email is sponsored by:ThinkGeek > > Welcome to geek heaven. > > http://thinkgeek.com/sf > > _______________________________________________ > > Phplib-users mailing list > > Php...@li... > > https://lists.sourceforge.net/lists/listinfo/phplib-users > > |
