phplib-users Mailing List for PHPLIB (Page 44)
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
phplib-users — A list for users of phplib to talk / discuss phplib
You can subscribe to this list here.
| 2001 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(106) |
Sep
(99) |
Oct
(44) |
Nov
(97) |
Dec
(60) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
(56) |
Feb
(81) |
Mar
(134) |
Apr
(69) |
May
(106) |
Jun
(122) |
Jul
(98) |
Aug
(52) |
Sep
(184) |
Oct
(219) |
Nov
(102) |
Dec
(106) |
| 2003 |
Jan
(88) |
Feb
(37) |
Mar
(46) |
Apr
(51) |
May
(30) |
Jun
(17) |
Jul
(45) |
Aug
(19) |
Sep
(5) |
Oct
(4) |
Nov
(12) |
Dec
(7) |
| 2004 |
Jan
(11) |
Feb
(7) |
Mar
|
Apr
(15) |
May
(17) |
Jun
(13) |
Jul
(5) |
Aug
|
Sep
(8) |
Oct
(6) |
Nov
(21) |
Dec
(13) |
| 2005 |
Jan
(4) |
Feb
(3) |
Mar
(7) |
Apr
(7) |
May
|
Jun
(11) |
Jul
(7) |
Aug
|
Sep
|
Oct
|
Nov
(7) |
Dec
|
| 2006 |
Jan
(3) |
Feb
|
Mar
(1) |
Apr
|
May
|
Jun
(2) |
Jul
(1) |
Aug
|
Sep
|
Oct
(9) |
Nov
|
Dec
(5) |
| 2007 |
Jan
(15) |
Feb
(2) |
Mar
|
Apr
|
May
|
Jun
|
Jul
(9) |
Aug
|
Sep
(2) |
Oct
|
Nov
|
Dec
|
| 2008 |
Jan
|
Feb
|
Mar
|
Apr
(12) |
May
|
Jun
(3) |
Jul
(1) |
Aug
(19) |
Sep
(2) |
Oct
|
Nov
|
Dec
(6) |
| 2009 |
Jan
(1) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(6) |
|
From: Dr T. S. <ta...@sa...> - 2002-09-25 15:24:32
|
On Thu, 26 Sep 2002, Richard Archer wrote: > I'm not a big fan of user comments on docs, but I never stopped to > think about why. That post explains a lot! Well I always have found notes to be a treasure trove of tips and tricks and that is why I went thru the trouble of setting one up for PHPlib and also see to it that incorrect or inconsequential entries do not last more than a few hours > Perhaps the user comments on the PHPLIB docs should be used to > highlight to the doc editors (*wave* Tarique ;) where the docs need > enhancing. Sort of like the SF trackers are to the code. Eeps! please dont start that dangerous trend - I already delete several bug reports and queries a week which I get despite all ... ... Tarique -- ============================================================= PHP Applications for E-Biz: http://www.sanisoft.com Indian PHP User Group: http://groups.yahoo.com/group/in-phpug ============================================================= |
|
From: Joe S. <jo...@be...> - 2002-09-25 15:24:14
|
On Wed, Sep 25, 2002 at 12:58:19PM +0530, Dr Tarique Sani wrote: > Hello Folks, > > Just to get the focus back into the discussion OR to get my focus cleared > > This release we are talking about is supposed to a drop-in replacement > for older PHPlib - right? > Yes. > Then in that case we need to get the test suite (in the pages directory) > working > > Here are two things that I found when trying to use Giancarlo's modified > Session4.inc > > 1) Default Auth in default.php3 does not work always asks for login Hmm. Try it with the session4.inc from my patch. I didn't see this behavior with it. I can reproduce what you see with Gian's. (It doesn't seem like it should but it does) Is this with default.php3?again=yes? or just default.php3? Also - What needs to be done to get the updated docs into cvs in a state that can be maintained there and built for distribution? thanks, Joe |
|
From: Richard A. <rh...@ju...> - 2002-09-25 14:19:17
|
At 10:09 -0400 25/9/02, Rob Hutton wrote: >removed at any time. I have found it much more effective to eithe provide a >tutorials page in the docs, or put them in the documentation area of the >site, not to expect people to go digging through the user comments to find Interesting. I'm not a big fan of user comments on docs, but I never stopped to think about why. That post explains a lot! Perhaps the user comments on the PHPLIB docs should be used to highlight to the doc editors (*wave* Tarique ;) where the docs need enhancing. Sort of like the SF trackers are to the code. ...R. |
|
From: Rob H. <rob...@ws...> - 2002-09-25 14:05:47
|
Yes, but often these comments are skipped and if you are a memeber of the postgres mailing list, etc., there are numerous comments about how bad the documentation is when the answer is often in the comments. There are just too many of them and many are either wrong or misleading. In the php documentation itself you will find many posts that correct, modify, suggest about previous posts. Not to mension the fact that these pages can be removed at any time. I have found it much more effective to eithe provide a tutorials page in the docs, or put them in the documentation area of the site, not to expect people to go digging through the user comments to find them. For what my .02 is worth...;-) Rob Hutton Web Safe www.wsafe.com > > You can add notes to the online PHPlib manual yourself |
|
From: Dr T. S. <ta...@sa...> - 2002-09-25 13:52:42
|
On Wed, 25 Sep 2002, Rob Hutton wrote: > http://www.devshed.com/Server_Side/PHP/PHPLib/page1.html or simply grab the > printer friendly or pdf version and post it to the documentation section. You can add notes to the online PHPlib manual yourself Also please start snipping the non relevant portions of the post when replying Cheers Tarique -- ============================================================= PHP Applications for E-Biz: http://www.sanisoft.com Indian PHP User Group: http://groups.yahoo.com/group/in-phpug ============================================================= |
|
From: Rob H. <rob...@ws...> - 2002-09-25 13:41:45
|
OK, Finally found the answer to my own problems. 1) I was missing spaces either after the <!-- or before the -->. I know that their have to be some regex rules, but could they be relaxed to accept <!--BEGIN blockname-->? 2) I did the set block in the reverse order, starting with the outermost and working inwards. I thought this was correct because the template system needed to understand the layering. I would suggest a link in the documentation area of the sourceforge site to http://www.devshed.com/Server_Side/PHP/PHPLib/page1.html or simply grab the printer friendly or pdf version and post it to the documentation section. I would be happy to add links to the documentation area and get permission from the people who have published them as I run across them if someone wants to grant me admin priviledges... Thanks, Rob Hutton Web Safe www.wsafe.com ********************************************************************** Introducing Symantec Client Security - Integrated Anti-Virus, Firewall, and Intrusion Detection for the Client. Learn more: http://enterprisesecurity.symantec.com/symes238.cfm?JID=2&PID=11624271 View our Symantec Client Security Demo: http://enterprisesecurity.symantec.com/symes238.cfm?JID=3&PID=11624271 Download the Symantec Client Security Fact Sheet: http://enterprisesecurity.symantec.com/symes238.cfm?JID=4&PID=11624271 Download the Symantec Client Security Brochure: http://enterprisesecurity.symantec.com/symes238.cfm?JID=5&PID=11624271 > -----Original Message----- > From: php...@li... > [mailto:php...@li...]On Behalf Of Rob Hutton > Sent: Wednesday, September 25, 2002 7:32 AM > To: php...@li... > Subject: RE: [Phplib-users] Template problems > > > To provide a little more information, I have looked at code written by > others and I have not found anyone using layered blocks. All the > code that > I have found achieves a similar effect by defining blocks linearly and > putting a placeholder where the sub block would go and parsing into this > variable. Is this a better way of going at things? > > Rob Hutton > Web Safe > www.wsafe.com > > ********************************************************************** > > Introducing Symantec Client Security - Integrated Anti-Virus, > Firewall, and Intrusion Detection for the Client. > > Learn more: > http://enterprisesecurity.symantec.com/symes238.cfm?JID=2&PID=11624271 > > View our Symantec Client Security Demo: > http://enterprisesecurity.symantec.com/symes238.cfm?JID=3&PID=11624271 > > Download the Symantec Client Security Fact Sheet: > http://enterprisesecurity.symantec.com/symes238.cfm?JID=4&PID=11624271 > > Download the Symantec Client Security Brochure: > http://enterprisesecurity.symantec.com/symes238.cfm?JID=5&PID=11624271 > > > > -----Original Message----- > > From: php...@li... > > [mailto:php...@li...]On Behalf Of Rob Hutton > > Sent: Tuesday, September 24, 2002 7:25 PM > > To: php...@li... > > Subject: [Phplib-users] Template problems > > > > > > OK, couple of more questions. I'm just not getting how things > > are laid out > > and interrelated. > > > > I have a base template for a page with a place holder in it for a menu > > {mainMenu}. I have another template called side menu with the following > > structure. > > > > *menu.tpl > > some javascript code > > <!-- BEGIN block1 --> > > function({block1var}); > > <!-- END block1 --> > > > > <!-- menuItemBlock --> > > <!-- BEGIN childblock1 --> > > {var1} > > {var2} > > <!-- END childblock1 --> > > <!-- BEGIN childblock2 --> > > {var 3} > > <!-- END childblock2 --> > > {var 4} > > <!-- menuItemBlock --> > > > > > > The code in the side menu page gets included in them main page > fine. The > > problem that I am having is in processing the menu page. Both > > 'block1' and > > 'menu' item block can appear multiple times in one menu. So I do a: > > > > $t->set_file('menu','leftmenu.tpl'); > > > > $t->set_block('menu','block1','block1place'); > > > > reset ($mainMenu); > > while (list ($key, $val) = each ($mainMenu)) { > > $t->set_var(array('block1var' => $key)); > > $t->parse('block1place', 'block1', true); > > } > > > > It gets added once for each pass through $mainMenu as it should. > > But when I > > do a similar thing with menuItemBlock, I only get it added once the last > > time through. Here is what I am doing. > > > > reset ($mainMenu); > > while (list ($key, $val) = each ($mainMenu)) { > > $t->set_block('mainMenuItem','childblock1','childblock1holder'); > > $t->set_var(array( > > 'var1' => $val1, > > 'var2' => $val2)); > > > > $t->parse('childblock1', 'childblock1', true); > > $t->set_block('mainMenuItem','childblock2','childblock2holder'); > > $t->set_var(array('var3' => $val2)); > > $t->parse('childblock1', 'childblock1', true); > > $t->set_block('menu','menuItemBlock','menuItem'); > > $t->set_var(array('var4 => $val4); > > $t->parse('menutItem','menuItemBlock', true); > > } > > > > I only get one menuItemBlock for the last time through. > > > > All this to say, is there a document somewhere that better covers > > Templates > > and child blocks? If not, I've read through the source once and am > > confused. I guess I don't understand the overall structure. > > > > Thanks, > > Rob Hutton > > Web Safe > > www.wsafe.com > > > > ********************************************************************** > > > > Introducing Symantec Client Security - Integrated Anti-Virus, > > Firewall, and Intrusion Detection for the Client. > > > > Learn more: > > http://enterprisesecurity.symantec.com/symes238.cfm?JID=2&PID=11624271 > > > > View our Symantec Client Security Demo: > > http://enterprisesecurity.symantec.com/symes238.cfm?JID=3&PID=11624271 > > > > Download the Symantec Client Security Fact Sheet: > > http://enterprisesecurity.symantec.com/symes238.cfm?JID=4&PID=11624271 > > > > Download the Symantec Client Security Brochure: > > http://enterprisesecurity.symantec.com/symes238.cfm?JID=5&PID=11624271 > > > > > > > > > > ------------------------------------------------------- > > This sf.net email is sponsored by:ThinkGeek > > Welcome to geek heaven. > > http://thinkgeek.com/sf > > _______________________________________________ > > Phplib-users mailing list > > Php...@li... > > https://lists.sourceforge.net/lists/listinfo/phplib-users > > > > > > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > Phplib-users mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phplib-users > |
|
From: Rob H. <rob...@ws...> - 2002-09-25 11:28:06
|
To provide a little more information, I have looked at code written by others and I have not found anyone using layered blocks. All the code that I have found achieves a similar effect by defining blocks linearly and putting a placeholder where the sub block would go and parsing into this variable. Is this a better way of going at things? Rob Hutton Web Safe www.wsafe.com ********************************************************************** Introducing Symantec Client Security - Integrated Anti-Virus, Firewall, and Intrusion Detection for the Client. Learn more: http://enterprisesecurity.symantec.com/symes238.cfm?JID=2&PID=11624271 View our Symantec Client Security Demo: http://enterprisesecurity.symantec.com/symes238.cfm?JID=3&PID=11624271 Download the Symantec Client Security Fact Sheet: http://enterprisesecurity.symantec.com/symes238.cfm?JID=4&PID=11624271 Download the Symantec Client Security Brochure: http://enterprisesecurity.symantec.com/symes238.cfm?JID=5&PID=11624271 > -----Original Message----- > From: php...@li... > [mailto:php...@li...]On Behalf Of Rob Hutton > Sent: Tuesday, September 24, 2002 7:25 PM > To: php...@li... > Subject: [Phplib-users] Template problems > > > OK, couple of more questions. I'm just not getting how things > are laid out > and interrelated. > > I have a base template for a page with a place holder in it for a menu > {mainMenu}. I have another template called side menu with the following > structure. > > *menu.tpl > some javascript code > <!-- BEGIN block1 --> > function({block1var}); > <!-- END block1 --> > > <!-- menuItemBlock --> > <!-- BEGIN childblock1 --> > {var1} > {var2} > <!-- END childblock1 --> > <!-- BEGIN childblock2 --> > {var 3} > <!-- END childblock2 --> > {var 4} > <!-- menuItemBlock --> > > > The code in the side menu page gets included in them main page fine. The > problem that I am having is in processing the menu page. Both > 'block1' and > 'menu' item block can appear multiple times in one menu. So I do a: > > $t->set_file('menu','leftmenu.tpl'); > > $t->set_block('menu','block1','block1place'); > > reset ($mainMenu); > while (list ($key, $val) = each ($mainMenu)) { > $t->set_var(array('block1var' => $key)); > $t->parse('block1place', 'block1', true); > } > > It gets added once for each pass through $mainMenu as it should. > But when I > do a similar thing with menuItemBlock, I only get it added once the last > time through. Here is what I am doing. > > reset ($mainMenu); > while (list ($key, $val) = each ($mainMenu)) { > $t->set_block('mainMenuItem','childblock1','childblock1holder'); > $t->set_var(array( > 'var1' => $val1, > 'var2' => $val2)); > > $t->parse('childblock1', 'childblock1', true); > $t->set_block('mainMenuItem','childblock2','childblock2holder'); > $t->set_var(array('var3' => $val2)); > $t->parse('childblock1', 'childblock1', true); > $t->set_block('menu','menuItemBlock','menuItem'); > $t->set_var(array('var4 => $val4); > $t->parse('menutItem','menuItemBlock', true); > } > > I only get one menuItemBlock for the last time through. > > All this to say, is there a document somewhere that better covers > Templates > and child blocks? If not, I've read through the source once and am > confused. I guess I don't understand the overall structure. > > Thanks, > Rob Hutton > Web Safe > www.wsafe.com > > ********************************************************************** > > Introducing Symantec Client Security - Integrated Anti-Virus, > Firewall, and Intrusion Detection for the Client. > > Learn more: > http://enterprisesecurity.symantec.com/symes238.cfm?JID=2&PID=11624271 > > View our Symantec Client Security Demo: > http://enterprisesecurity.symantec.com/symes238.cfm?JID=3&PID=11624271 > > Download the Symantec Client Security Fact Sheet: > http://enterprisesecurity.symantec.com/symes238.cfm?JID=4&PID=11624271 > > Download the Symantec Client Security Brochure: > http://enterprisesecurity.symantec.com/symes238.cfm?JID=5&PID=11624271 > > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > Phplib-users mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phplib-users > > |
|
From: Richard A. <rh...@ju...> - 2002-09-25 11:12:09
|
At 9:57 +0200 25/9/02, Gaetano Giunta wrote: >but there were some tests done recently by someone (?) that showed an >absolutely irrelevant difference in speed changing quotes. I ran some speed tests once, but I'm not sure where I published them. The result was that under PHP 3 there is an order of magnitude of difference in processing " and ' strings. But under PHP 4 the difference is around 5%. Personally I always use " as it makes the code just a little more consistent and easier to maintain. I hate having to change ' to " when I need to add a variable to a string, and always forget to change them back when deleting all vars! ...Richard. |
|
From: Maxim D. <max...@bo...> - 2002-09-25 10:16:17
|
Hello Tarique, Wednesday, September 25, 2002, 11:28:19 AM, you wrote: DTS> 2) User class has refernces to thaw() which complains User3 (the classic user class) extends Session3(classic Session). It is absolutely incompatible and should not be used with Session4. Thats why User4 was written. User4 is a standalone class, it does not extends any of the Session classes. -- Best regards, Maxim Derkachev mailto:max...@bo... IT manager, Symbol-Plus Publishing Ltd. phone: +7 (812) 324-53-53 www.books.ru, www.symbol.ru |
|
From: Dr T. S. <ta...@sa...> - 2002-09-25 08:26:54
|
On Wed, 25 Sep 2002, Giancarlo wrote: > Il 09:24, mercoled=EC 25 settembre 2002, Matteo Sgalaberni ha scritto: > > On Tue, Sep 24, 2002 at 10:43:11PM -0500, Chris Johnson wrote: > > > authentication, then I think it would be great to offer PHPLIB users > > > the choice of the old, interstitial (blocking) Auth method, and your > > > > I agree with you. >=20 > To be clear: that auth can behaves EXACTLY as before, with no changes to= the=20 > code. You can drop it in as a replacemet.=20 Yes - this works very well - did some work around with your class Good work!!! Cheers Tarique=20 --=20 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D PHP Applications for E-Biz: http://www.sanisoft.com Indian PHP User Group: http://groups.yahoo.com/group/in-phpug =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D |
|
From: Giancarlo <gia...@na...> - 2002-09-25 08:15:40
|
Il 09:24, mercoled=EC 25 settembre 2002, Matteo Sgalaberni ha scritto: > On Tue, Sep 24, 2002 at 10:43:11PM -0500, Chris Johnson wrote: > > authentication, then I think it would be great to offer PHPLIB users > > the choice of the old, interstitial (blocking) Auth method, and your > > I agree with you. To be clear: that auth can behaves EXACTLY as before, with no changes to= the=20 code. You can drop it in as a replacemet.=20 OR you can use it the other way (with the deferred form behaviour), like= the=20 default_auth. Then you have to chage your code. Gian |
|
From: Dr T. S. <ta...@sa...> - 2002-09-25 08:15:24
|
On Wed, 25 Sep 2002, Dr Tarique Sani wrote: > 2) User class has refernces to thaw() which complains OK! using user4.inc instead of user.inc solves this problem Will be working on the default_auth soon Tarique -- ============================================================= PHP Applications for E-Biz: http://www.sanisoft.com Indian PHP User Group: http://groups.yahoo.com/group/in-phpug ============================================================= |
|
From: Giancarlo <gia...@na...> - 2002-09-25 08:07:23
|
Il 09:58, mercoled=EC 25 settembre 2002, I wrote:
Oops:
> My auth class, with the splashform behaviour, suits your need perfectly=
the
> same as before.
> The 'form' aim (preveting registration with a single POST, maybe from a
> batch script), is not needed once we are sure, for example, that a new
> session can be obtained by simply appending ?Example_session=3Dfoo to t=
he URL
^^^
can NOT
gian
|
|
From: Giancarlo <gia...@na...> - 2002-09-25 08:02:29
|
Il 05:43, mercoled=EC 25 settembre 2002, hai scritto: > > I currently have a large application which uses the old blocking Auth > method and it is the right thing for that application -- all users must > be authenticated and there are no default facilities. > Then what you want is: wherever I instantiate the auth feature, if the user bears no authenticat= ion,=20 a splash login page is shown by auth itself, your script does not have to= =20 check anything. Just instantiating the auth class will do it. You don't=20 really want blocking mode. You wat a splash form behaviour handled by aut= h=20 itself. Others, or you in other apps, my want: whenever I instantiate the auth feature, auth returns me a value that say= s if=20 the user bears authentication or not. And my script, not auth, decides wh= at=20 to do, when to do it. You don't want blocking mode here either. You want = to=20 handle the situation by yourself knowing if the user is logged or not. Th= a=20 auths class outputs nothing, it just returns you a value that says if he = is=20 logged in or not They are two different things, but they eat the tail one each other, as i= t is=20 now. My auth class, with the splashform behaviour, suits your need perfectly t= he=20 same as before.=20 The 'form' aim (preveting registration with a single POST, maybe from a b= atch=20 script), is not needed once we are sure, for example, that a new session = can=20 be obtained by simply appending ?Example_session=3Dfoo to the URL request= . The=20 effect is the same as that of having previously requested a login form:=20 prevents single POST registration Gian |
|
From: Gaetano G. <giu...@se...> - 2002-09-25 07:58:17
|
>=20 > Hi, >=20 > I noticed that a lot of code doesn't seem to take care of the=20 > difference > between string definitions using "" or ''. As far as I=20 > understood all the > strings enclosed with "" will be preprocessed by a parser,=20 > ''-strings stay > untouched. So the latter can speed things up. >=20 > There are many libraries written only with "", but perhaps they'd be > faster with the ''-version? Any experience with this? >=20 > Marko >=20 Forgot where exactly (the link should be somewhere on = http://php.weblogs.com), but there were some tests done recently by = someone (?) that showed an absolutely irrelevant difference in speed = changing quotes. The tests also stressed speed differences in other areas of php where = different syntax can be used. DISCLAIMER: I have done my stats studies, andI know tests have to be = done on different OS, different php.ini etc... to be of any value. |
|
From: Dr T. S. <ta...@sa...> - 2002-09-25 07:52:19
|
Hello Folks, Just to get the focus back into the discussion OR to get my focus cleared This release we are talking about is supposed to a drop-in replacement for older PHPlib - right? Then in that case we need to get the test suite (in the pages directory) working Here are two things that I found when trying to use Giancarlo's modified Session4.inc 1) Default Auth in default.php3 does not work always asks for login 2) User class has refernces to thaw() which complains HTH Tarique -- ============================================================= PHP Applications for E-Biz: http://www.sanisoft.com Indian PHP User Group: http://groups.yahoo.com/group/in-phpug ============================================================= |
|
From: Marko K. <M.K...@os...> - 2002-09-25 07:35:18
|
Hi, I noticed that a lot of code doesn't seem to take care of the difference between string definitions using "" or ''. As far as I understood all the strings enclosed with "" will be preprocessed by a parser, ''-strings stay untouched. So the latter can speed things up. There are many libraries written only with "", but perhaps they'd be faster with the ''-version? Any experience with this? Marko |
|
From: Giancarlo <gia...@na...> - 2002-09-25 07:26:19
|
Il 05:43, mercoled=EC 25 settembre 2002, hai scritto: > I have not tried your new auth, Gian. If it implements Kristian's > suggestion for the redesigned Auth process for sidebar and default > authentication, then I think it would be great to offer PHPLIB users > the choice of the old, interstitial (blocking) Auth method, and your > new default Auth method. Interstitial (blocking) mode and default_auth (nobody) are conceptually = two=20 different, separate things. The relation among the two is the fact that phplib, whenever has shown a=20 login page, wants to have auth[uid]=3D'form' before accepting its submis= sion. And, to decide if the login form has to be shown or not, some auth class = has=20 to be instantiated, even if not already logged: so the need to default_au= th. The interstitial (blocking) method is something more than just showing a=20 'spalsh login page' instead of a form somewhere down.=20 The interstitial concept is that, once you have requested a protected pag= e=20 and you are not authenticated , you session enters a blocking state=20 (auth[uid]=3Dform). You have a single point of entrance into the session.= You=20 have to request a ticket (uid=3Dform) before you can proceed with the ses= sio.=20 Your session is blocked, everywhere, on other frames, in going 'back', in= a=20 new browser window. The aim of the 'form' status is to be sure that you have previously reque= sted=20 a login form to phplib before submitting it. Is to prevent people registe= ring=20 with a single POST, without having entered the 'form' status before. > > I currently have a large application which uses the old blocking Auth > method and it is the right thing for that application -- all users must > be authenticated and there are no default facilities. This is different that interstitial method. You mayy have 'no default=20 facilities' even without interstitial blocking mode. Gian |
|
From: Matteo S. <sg...@sg...> - 2002-09-25 07:24:46
|
On Tue, Sep 24, 2002 at 10:43:11PM -0500, Chris Johnson wrote:
> authentication, then I think it would be great to offer PHPLIB users
> the choice of the old, interstitial (blocking) Auth method, and your
I agree with you.
> I currently have a large application which uses the old blocking Auth
And with you a lot of people that use PHPLIB from years and have
invested a lot of time and money in application that are based on
this...
> method and it is the right thing for that application -- all users must
> be authenticated and there are no default facilities.
Yeah!:)
Bay
Matteo
--
Matteo Sgalaberni | Web : http://www.sgala.com
-- | E-Mail : ma...@sg...
System and Application Engineer |
-------------------------------------------------------------------------------
|
|
From: Chris J. <ch...@ch...> - 2002-09-25 03:26:14
|
On Wed, Sep 25, 2002 at 12:34:46AM +0200, Giancarlo wrote: > May I recall Kristian Kohentopp's comments about actual auth oddities? > http://sourceforge.net/mailarchive/forum.php?thread_id=875358&forum_id=808 > > <snip> > > >- what is > > the use of the auth['uid']='form' status, if not better > > security? > > Koehntopp PHPLIB was programmed with interstitial (blocking) > authentication in mind. The state machine is > really only useful > for that, and little else. Default Auth and > auth_preauth() were added as an afterthought in Koehntopp PHPLIB, and are > really cluttering up the Auth process. > The whole thing should be redesigned, and using a > sidebar login and default authentication as the main model, as > this is much more common and useful than the original interstitial auth. > > </snip> > > > Has anyone tried my new auth at > http://sourceforge.net/tracker/index.php?func=detail&aid=561500&group_id=31885&atid=403613 > > Sorry to insist anyway, but that would solve many problems, and is perfectly > compatible. > > Gian I have not tried your new auth, Gian. If it implements Kristian's suggestion for the redesigned Auth process for sidebar and default authentication, then I think it would be great to offer PHPLIB users the choice of the old, interstitial (blocking) Auth method, and your new default Auth method. I currently have a large application which uses the old blocking Auth method and it is the right thing for that application -- all users must be authenticated and there are no default facilities. But the default auth model is more common, as Kristian pointed out above. -- ..chris |
|
From: Rob H. <rob...@ws...> - 2002-09-24 23:20:28
|
OK, couple of more questions. I'm just not getting how things are laid out
and interrelated.
I have a base template for a page with a place holder in it for a menu
{mainMenu}. I have another template called side menu with the following
structure.
*menu.tpl
some javascript code
<!-- BEGIN block1 -->
function({block1var});
<!-- END block1 -->
<!-- menuItemBlock -->
<!-- BEGIN childblock1 -->
{var1}
{var2}
<!-- END childblock1 -->
<!-- BEGIN childblock2 -->
{var 3}
<!-- END childblock2 -->
{var 4}
<!-- menuItemBlock -->
The code in the side menu page gets included in them main page fine. The
problem that I am having is in processing the menu page. Both 'block1' and
'menu' item block can appear multiple times in one menu. So I do a:
$t->set_file('menu','leftmenu.tpl');
$t->set_block('menu','block1','block1place');
reset ($mainMenu);
while (list ($key, $val) = each ($mainMenu)) {
$t->set_var(array('block1var' => $key));
$t->parse('block1place', 'block1', true);
}
It gets added once for each pass through $mainMenu as it should. But when I
do a similar thing with menuItemBlock, I only get it added once the last
time through. Here is what I am doing.
reset ($mainMenu);
while (list ($key, $val) = each ($mainMenu)) {
$t->set_block('mainMenuItem','childblock1','childblock1holder');
$t->set_var(array(
'var1' => $val1,
'var2' => $val2));
$t->parse('childblock1', 'childblock1', true);
$t->set_block('mainMenuItem','childblock2','childblock2holder');
$t->set_var(array('var3' => $val2));
$t->parse('childblock1', 'childblock1', true);
$t->set_block('menu','menuItemBlock','menuItem');
$t->set_var(array('var4 => $val4);
$t->parse('menutItem','menuItemBlock', true);
}
I only get one menuItemBlock for the last time through.
All this to say, is there a document somewhere that better covers Templates
and child blocks? If not, I've read through the source once and am
confused. I guess I don't understand the overall structure.
Thanks,
Rob Hutton
Web Safe
www.wsafe.com
**********************************************************************
Introducing Symantec Client Security - Integrated Anti-Virus,
Firewall, and Intrusion Detection for the Client.
Learn more:
http://enterprisesecurity.symantec.com/symes238.cfm?JID=2&PID=11624271
View our Symantec Client Security Demo:
http://enterprisesecurity.symantec.com/symes238.cfm?JID=3&PID=11624271
Download the Symantec Client Security Fact Sheet:
http://enterprisesecurity.symantec.com/symes238.cfm?JID=4&PID=11624271
Download the Symantec Client Security Brochure:
http://enterprisesecurity.symantec.com/symes238.cfm?JID=5&PID=11624271
|
|
From: Giancarlo <gia...@na...> - 2002-09-24 22:39:08
|
May I recall Kristian Kohentopp's comments about actual auth oddities? http://sourceforge.net/mailarchive/forum.php?thread_id=875358&forum_id=808 <snip> >- what is > the use of the auth['uid']='form' status, if not better > security? Koehntopp PHPLIB was programmed with interstitial (blocking) authentication in mind. The state machine is really only useful for that, and little else. Default Auth and auth_preauth() were added as an afterthought in Koehntopp PHPLIB, and are really cluttering up the Auth process. The whole thing should be redesigned, and using a sidebar login and default authentication as the main model, as this is much more common and useful than the original interstitial auth. </snip> Has anyone tried my new auth at http://sourceforge.net/tracker/index.php?func=detail&aid=561500&group_id=31885&atid=403613 Sorry to insist anyway, but that would solve many problems, and is perfectly compatible. Gian |
|
From: Giancarlo <gia...@na...> - 2002-09-24 21:05:28
|
Il 21:36, marted=EC 24 settembre 2002, hai scritto: > On Tue, Sep 24, 2002 at 12:31:19PM -0700, Aric Caley wrote: > > But if you have to implement the form anyway, who cares what the func= tion > > is called? Implement the form you want. > > > > Now, if the login form normaly came up and then gave you an option to= go > > to the registration form then I could see a reason to have the two > > functions for forms and two functions for validation. But it doesnt = seem > > to work like that. At least I can't get it to do that. > > Ah, It can work that way just fine. > > > You either *always* get registerform()/doregister() or *always* get > > loginform()/validatelogin() depending on the mode. The mode never > > changes. So one set of functions never gets called. So why have two?= =20 > > What am I missing? You are wrong. The script changes $this->mode somewhere, for it's tempora= ry=20 use! Can't remember where. This is one of the oddities of this all. In my auth path I made (long time ago, but I exhort you to consider it) i= t be=20 decided SOLELY by the get parameter. =2E Gian |
|
From: Joe S. <jo...@be...> - 2002-09-24 20:25:08
|
On Tue, Sep 24, 2002 at 01:05:03PM -0700, Aric Caley wrote:
>
> >
> > It's a logic problem that the mode never changes not auth.inc. I just got
> > burned on that with register_globals off. ( cvs commit soon for
> phpslash).
>
> I'm not sure what you mean...
>
If you change the mode in the class definition, you get the resulting
mode's form. So Auth is working in this regard. The mode just needs to
change depending on the GET variable as well.
An example - In your constructor of the class that extends Auth
if ($HTTP_GET_VARS['mode']=='reg') {
$this->mode='reg';
} else {
$this->mode='log';
}
This should bring up the registration form if mode=reg in the url.
> > Look at current cvs of phpSlash for an example of working code.
>
> that was going to be my next move. :) Haven't looked at recent code as
> I've been working on something else. Have you added user registrations yet?
Yeah, The current cvs has some other changes that aren't completed so
don't use it in production yet.
|
|
From: Aric C. <gre...@pe...> - 2002-09-24 20:05:20
|
----- Original Message ----- From: "Joe Stewart" <jo...@be...> To: "phpplib" <php...@li...> Sent: Tuesday, September 24, 2002 12:36 PM Subject: Re: [Phplib-users] auth_registerform/auth_doregister -- why? > On Tue, Sep 24, 2002 at 12:31:19PM -0700, Aric Caley wrote: > > But if you have to implement the form anyway, who cares what the function is > > called? Implement the form you want. > > > > Now, if the login form normaly came up and then gave you an option to go to > > the registration form then I could see a reason to have the two functions > > for forms and two functions for validation. But it doesnt seem to work like > > that. At least I can't get it to do that. > > > > Ah, It can work that way just fine. Oh, good... that makes sense... that is cool... I just dont know how to do it.. > > You either *always* get registerform()/doregister() or *always* get > > loginform()/validatelogin() depending on the mode. The mode never changes. > > So one set of functions never gets called. So why have two? What am I > > missing? > > > > It's a logic problem that the mode never changes not auth.inc. I just got > burned on that with register_globals off. ( cvs commit soon for phpslash). I'm not sure what you mean... > Look at current cvs of phpSlash for an example of working code. that was going to be my next move. :) Haven't looked at recent code as I've been working on something else. Have you added user registrations yet? |
17 messages has been excluded from this view by a project administrator.
