 |
 |
 |
 |
|
|
Date: 04/19/00
- Next message: Adam N. Thompson, MCNE, MCSE: "[PHPLIB-DEV] Comments in PHPLIB source code"
- Previous message: Adam Thompson, MCNE, MCSE: "Re: [PHPLIB-DEV] php or asp"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello,
Well, these aren't exactly "bugs" but they seem like bugs in that
they are small bits of functionality that probably should be in PHPLIB
by default. Perhaps you've already dealt with these in the development
version. Anyhow, here goes.
Problem #1 If you use cgi-php3 with redirection, on some servers
(notably, we are using Roxen) $sess->self_url() returns eg
"/cgi-bin/php3.cgi/path/to/script.php3". For security reasons, php-cgi
won't accept this. Instead, it wants you to submit to the webserver the
address "/path/to/script.php3" and the webserver will take care of
redirecting it to "/cgi-bin/php3.cgi/path/to/script.php3" in such a way
that php3 finds it acceptable. All this is to say, it would be very
useful (and very easy, I did it on my local setup in about 2 minutes) if
you were to include a variable in the session class, say var
$cgi_prefix, that could be given a value in the user's local.inc
sub-class with a string that would be stripped.
Here's an example replacement self_url(), perhaps there is a better way,
place to do it, dunno:
function self_url() {
global $PHP_SELF, $QUERY_STRING;
$self_url = $this->url($PHP_SELF.
((isset($QUERY_STRING) && ("" != $QUERY_STRING)) ?
"?".$QUERY_STRING : ""));
$self_url = ereg_replace($this->cgi_prefix, "", $self_url);
return $self_url;
}
Problem #2 Same kind of problem, but the solution would be a tiny bit
more complex to implement: when using default authentication and
login_if(), phplib doesn't offer any way to automatically strip the
"again" variable (or whatever you choose to call it) from self_url().
This has the effect that it keeps asking you to login, until you figure
out that you need to somewhere in your code strip that variable from the
url before it gets passed to *loginform.ihtml. Again, I think the
easiest way to do this would be to give the user a variable that they
can override with a string containing whatever variable name they are
using. Then, you could use some sort of ereg to strip it (it would have
to be a bit more complicated regexp than my previous example in order to
leave the rest of the get vars in place and punctuated correctly). It
might also be useful to either create a new function (or modify one of
the existing url related functions) that is a generalized utility
function that will strip a variable given to it from QUERY_STRING. This
could then be used internally by PHPLIB to strip that stuff before
self_url is called so that it would never have to worry about it.
Sorry if this is stuff you already dealt with a long time ago.
Jeff Schmidt
-- "Message sent by jschmid <email protected>"- PHPLIB Developers Mailing List. Send messages to <phplib-dev <email protected>>. To unsubscribe, send "unsubscribe" to <phplib-dev-request <email protected>> in the body, not the subject, of your message.
- Next message: Adam N. Thompson, MCNE, MCSE: "[PHPLIB-DEV] Comments in PHPLIB source code"
- Previous message: Adam Thompson, MCNE, MCSE: "Re: [PHPLIB-DEV] php or asp"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]