[Phplib-users] auth url question
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
[Phplib-users] auth url question
|
From: Rob H. <rob...@ws...> - 2002-10-29 03:32:00
|
The crcloginform.html from the snapshot calls $auth->url() which calls
$sess->self_url() to populate the for post action. $sess->self_url() calls
getenv('REQUEST_URI') which my understanding is does not work under some
circumstances and bypasses the regex done in login if. It also calls
$sess->url() which is marked do not use for some reason.
So I have a question and a suggestion. Question: $sess->url() refers to
using the php url rewriting functions which is already done. So can the
comment about not using $sess->url() be removed and the lines:
// Encode naughty characters in the URL
$url = str_replace(array("<", ">", " ", "\"", "'"),
array("%3C", "%3E", "+", "%22", "%27"), $url);
be removed as the urlencode on the lines above that already do this?
can the getenv('REQUEST_URI') in self_url() be changed to $PHP_SELF . "?" .
$HTTP_SERVER_VARS['QUERY_STRING']; ?
Rob Hutton
Web Safe
www.wsafe.com
**********************************************************************
Introducing Symantec Client Security - Integrated Anti-Virus,
Firewall, and Intrusion Detection for the Client.
Learn more:
http://enterprisesecurity.symantec.com/symes238.cfm?JID=2&PID=11624271
|
