Re: [phplib] Re:crypt-challenge-response-UserAdministration! From: Marko Kaening (marko <email protected>)
Date: 11/03/00

Hi Dominic,

> Thank you, that's all I needed! I'm just wordering that there are so
Fine.

> many mistakes in the examples pages? Why does nobody correct
> them, I know about 5 five bugs in the example pages!!
Yes, I mentioned that already on this list, but there was no reply to
that...
I also wrote Kristian Koehntopp about that, but it looks like they are too
busy with other projects to be able to work with their example files for
phplib. It looks like all the profi programmers know how to avoid those
things or have corrected their versions of phplib... otherwise I can't
imagine how they are able to have a running phplib.

> I also have a question regarding your answer. First your file
> header.inc: Why are there headerlines produced. I thought I could
> handle this by setting $allowcache ="no" for example.
Yes, I think you are right. They shouldn't be necessary, but I left them
there for safety.

>Then your small snippet above! I didn't exactly understand this. Do
>you use this just in your crcloginform.ihtml or on other pages too. And
>what do you mean by "restores previously entered values of forms" ?
Well, I use this

> <?php
> if(isset($HTTP_POST_VARS))
> {
> reset ($HTTP_POST_VARS);
> $SavePostVars=$HTTP_POST_VARS;
> }
> ?>

only on the page which needs information from POSTED data. Say you have a
php script which uses a form to post data to the server and you override
the maximum timespan you have for that page... so the problem occurs that
all the data would normally thrown away as soon as you enter the next page
(after pressing you submit button of that form on page 1). To avoid
loosing those data on that second page one should use this little snippit
right at the beginning, before you really open the page with page_open.
The following step will be, in case you got logged out automatically
because of time overrun, that crcloginform.inc is called! That's why you
will find in that code I sent before a part where all the original data is
restored from that string '$SavePostVars' as hidden data elements. All
this was discussed in this list before, it's not my idea, actually! I
think it though needs thorough testing since I am not quite sure that this
always works properly... I am afraid there is a problem with big
strings.... Will see. But in principle this method seems to work.

I think the main thing is that this crclogin enables you to have a safer
login and that those minor errors where fixed. So all works fine for me
and up to now there were no problems with that anymore, though at the
beginning those example files really drove me CRAZY. I was close to give
up understanding what's going on. But luckyly there is this list which
HELPS ALOT!

BUT, honestly, there should be an update of the example files and also
those bugs in ac_store and in the template class should be fixed, because
they are well known and it shouldn't be a big problem. It just needs to be
done!

Regards and good luck,
Marko 

-- 
                    O _ O
                     0 0
 ------------------m-\o/-m----------------------------------------
 Marko K"aning         Tel/Fax: +49-3834 554 442 / -3834 554 301  
 INP Greifswald            email  : kaening <email protected>        

---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>