Staying logged-in
The log-in information is stored in a cookie which expires after 90 days. This is quite comfortable but could be a security risk, if you forget to logout in a i-net caffè ort on a pc used by many people.

Last edited by NilsLindenberg:
Modified links pointing to docs server
Mon, 28 Jan 2008 00:12 UTC [diff]


It would be better if a user could decide to be logged-out or to stay in.

I stuck some piece of code together. I know that stay_logged_in is a very uncreative name (loged-in with one or two g?), and the code needs someone to look over it. I am for example not sure if an enum in the table would be better. But to my great astonishment, it seems to work. :) --NilsLindenberg
Two gs: "logged in" (fixed in code samples below - hope I didn't miss any). -- JavaWoman

1) adding field to user table:

SQL-query:
ALTER TABLE `wikka_users` ADD `stay_logged_in` ENUM( 'Y', 'N' ) DEFAULT 'N' NOT NULL;


2) adding a table row to show the status of the variable (to actions/usersettings.php):

change
<tr> <td align="right">Show comments by default:</td> <td><input type="hidden" name="show_comments" value="N"><input type="checkbox" name="show_comments" value="Y" <?php echo $user["show_comments"]
"Y" ? "checked=\"checked\ : ?> /></td> </tr> <tr> <td align="right">RecentChanges display limit:</td> <td><input name="changescount" value="<?php echo htmlspecialchars($user["changescount"]) ?>" size="40" /></td> </tr>




3) added the user-table-update in actions/usersettings.php:

change:



to



4) replace the function SetUser() in wikka.php with the following one:

            /**
    * Sets cookie with name and passwort for a given user.
    *
    * Based on a given username, the name and the passwort of the user are stored
    * in a cookie on his computer. A user can choose with the config-option
    * "stay_logged_in", if the cookie is valid for a session, or for 90 days.
    *
    * @package  wikka
    * @subpackage   user
    * @name     SetUser
    *
    * @author       probably Hendrik Mans
    * @author       {@link http://wikka.jsnx.com/NilsLindenberg Nils Lindenberg} (choice between cookies)
    * @version      2.0
    * @since        probably wakka 1.0
    *
    * @input        string $user mandatory; name of the user
    *
    */

    function SetUser($user)
    {
        $_SESSION['user'] = $user;
        if ($user['stay_logged_in'] == 'Y')
        {
            $this->SetPersistentCookie('wikka_user_name', $user['name']);
            $this->SetPersistentCookie('wikka_pass', $user['password']);
        }
        else
        {
            $this->SetSessionCookie('wikka_user_name', $user['name']);
            $this->SetSessionCookie('wikka_pass', $user['password']);
        }          
    }


older discussion off-topic ;-)

Thank you. But seems like you get to like the different issue-different page think ;-) --
NilsLindenberg

ummm, not really. Two things. When there is what I think of as a code solution or proposed code solution that is useful then I think it's useful to then distinguish it in a section of its own because then it's easier for others to find. Your solution was a good one, and so should be recognized as such & be more easily available to the whole community. Secondly, from a server-owner perspective, it can boil down to server-hits & storage space. A continuing discussion on one page where 90% of the content deals with other issues means that every time somebody adds a new note ALL the page is saved....all the content travels out, all the content in, and the whole record each time is stored as latest='N' and disproportionately (relative to the conversation) increases the size of the database (which then affects processing time & amount of server memory utilized & thoughput on the harddrives etc). So, to me, it makes sense to put active discussions like I've described on a separate page so that bandwidth & storage accrues more-or-less just to the topic in discussion and not ALL of the content. (I don't know anything about the wikka server....Jason could be running wikka on a 500celeron box, or on a big one......so for the latter my concerns would not matter, for the former they would....but I tend to err on the side of conservatism (probably the only issue in my life that I do)) Cheers, Mike

"When there is what I think of as a code solution or proposed code solution that is useful then I think it's useful to then distinguish it in a section of its own because then it's easier for others to find." I admit i had to read the sentence three times :-) Nils Sorry, I'll try to write more clearly. [I started writing, "less convolutedly" and then realized that didn't help matters]. ; ) --
GmBowen


CategoryUserContributions
There are 9 comments on this page. [Show comments]
Valid XHTML :: Valid CSS: :: Powered by WikkaWiki