[pLog-svn] r2447 - plog/branches/plog-1.0.2/class/action

Oscar Renalias oscar at renalias.net
Wed Sep 7 06:47:21 GMT 2005


what I don't like is that {$smarty.server.php_self} can return things
like /dir/summary.php in some situations... I generally don't like to
include paths in forms, you never know what sort ot tricks people are
pulling in their own webservers, and things get even more complicated
when using subdomains.

I say we analyze this more carefully in 1.1 and not include it in 1.0.2.

Oscar

On 9/7/05, Jon Daley <plogworld at jon.limedaley.com> wrote:
>         This is becoming too big an issue.  My only concern was that I
> broke summary.php for the 1.0.2 release.  As long as that is not the case,
> this can be postponed to 1.1, or forever for all that I care.
> 
>         Right, that's what I would expect it to.  I don't understand
> Oscar's first comment on that ticket, he sounded like giving the path name
> would be a bad thing.
> 
> 
> 
> On Tue, 6 Sep 2005, Reto Hugi wrote:
> > Some Examples on what php_self returns:
> >
> > Browser Request                       | php_self output
> >
> > http://example.com/summary.php        | /summary.php
> > http://example.com/dir/summary.php    | /dir/summary.php
> > http://example.com/summary.php?q=test | /summary.php
> > http://example.com/summary.php/foobar | /summary.php/foobar
> >
> > it's the absolute path to the webroot. May you please elaborate your
> > concerns a bit. I can't see where the pitfall is...(sorry, if this is
> > obvious)
> >
> > On 06.09.2005 23:06, Jon Daley wrote:
> >>      But, Oscar said it would replace it with /plog/ or something,
> >> sounding like of the time that would be the wrong thing to do.  That is
> >> why I am confused.  I would have expected this to work for summary and for
> >> admin.
> >>
> >> On Tue, 6 Sep 2005, Reto Hugi wrote:
> >>
> >>> jon,
> >>>
> >>> You changed the searchform in r2381 as follows
> >>>
> >>> -    <form id="searchForm" method="post" action="summary.php">
> >>> +    <form id="searchForm" method="post" action="{$smarty.server.PHP_SELF}">
> >>>
> >>> this is perfectly fine (and works for me as it should) and makes sense
> >>> because the summary.php page *might* be renamed.
> >>>
> >>> I'm still not so sure if my feature request to change all admin.php to
> >>> php_self makes sense, though. Does anybody mind if I remove the feature
> >>> request? Does any body see a good reason why admin.php should be
> >>> replaced with {$smarty.server.PHP_SELF} on the summary page and all
> >>> admin pages? If not, I'm removing the request.
> >>>
> >>> reto
> >>>
> >>>
> >>> On 06.09.2005 18:01, Jon Daley wrote:
> >>>>    My current main concern is whether I broke summary.php.  I don't
> >>>> think the original part of this needs to be fixed for 1.0.2.
> >>>>
> >>>> On Tue, 6 Sep 2005, Oscar Renalias wrote:
> >>>>> If anybody can take care of this issue, please go ahead. I won't have too
> >>>>> much time during the next few days, though I don't think it matters so much
> >>>>> if we delay the beta another week... In other words, I can do it if nobody
> >>>>> else wants to do it :-)
> >>>>>
> >>>>> Oscar
> >>>>>
> >>>>> On 6 Sep 2005, at 16:36, Jon Daley wrote:
> >>>>>
> >>>>>>    I looked through lots of things on mantis just now and don't see
> >>>>>> anything that has to be fixed.  I do have one question:
> >>>>>>
> >>>>>> http://bugs.plogworld.net/view.php?id=303
> >>>>>>
> >>>>>>    Other than that, I think 1.0.2 is good as it is.  I would like to avoid
> >>>>>> a 1.0.3 if we could.
> >>>>>>
> >>>>>> On Sun, 4 Sep 2005, Oscar Renalias wrote:
> >>>>>>
> >>>>>>> is there anything else any of you would like to commit to the plog-1.0.2
> >>>>>>> branch? If not, let's freeze that branch. If anything else comes up, we'll
> >>>>>>> start a plog-1.0.3 branch if necessary...
> >>>>>>>
> >>>>>>> Oscar
> >>>>>>>
> >>>>>>> On 4 Sep 2005, at 18:22, mark at devel.plogworld.net wrote:
> >>>>>>>
> >>>>>>>
> >>>>>>>> Author: mark
> >>>>>>>> Date: 2005-09-04 15:22:37 +0000 (Sun, 04 Sep 2005)
> >>>>>>>> New Revision: 2447
> >>>>>>>> Modified:
> >>>>>>>>  plog/branches/plog-1.0.2/class/action/blogaction.class.php
> >>>>>>>>  plog/branches/plog-1.0.2/class/action/resourceserveraction.class.php
> >>>>>>>> Log:
> >>>>>>>> Add some "else" statement to blogId look out founction. This can make
> >>>>>>>> sure if pLog can not find propreiate blogId , it will use default_blog_id
> >>>>>>>> as the blogId.
> >>>>>>>> Modified: plog/branches/plog-1.0.2/class/action/blogaction.class.php
> >>>>>>>> ===================================================================
> >>>>>>>> --- plog/branches/plog-1.0.2/class/action/blogaction.class.php 2005-09-03
> >>>>>>>> 21:27:38 UTC (rev 2446)
> >>>>>>>> +++ plog/branches/plog-1.0.2/class/action/blogaction.class.php 2005-09-04
> >>>>>>>> 15:22:37 UTC (rev 2447)
> >>>>>>>> @@ -154,7 +154,7 @@
> >>>>>>>>            // "user" parameter.
> >>>>>>>>            if( !$blogId && !$blogName ) {
> >>>>>>>>                // check if there was a user parameter
> >>>>>>>> -                 if( !empty($userName) ) {
> >>>>>>>> +                if( !empty($userName) ) {
> >>>>>>>>                    // if so, check to which blogs the user belongs
> >>>>>>>>                    $users = new Users();
> >>>>>>>>                     $userInfo = $users->getUserInfoFromUsername(
> >>>>>>>> $userName );
> >>>>>>>> @@ -165,7 +165,11 @@
> >>>>>>>>                        // get the first one (any better rule for this?)
> >>>>>>>>                        if( !empty($userBlogs)) {
> >>>>>>>>                            $blogId = $userBlogs[0]->getId();
> >>>>>>>> +                        } else {
> >>>>>>>> +                            $blogId =
> >>>>>>>> $this->_config->getValue('default_blog_id');
> >>>>>>>>                        }
> >>>>>>>> +                    } else {
> >>>>>>>> +                        $blogId =
> >>>>>>>> $this->_config->getValue('default_blog_id');
> >>>>>>>>                    }
> >>>>>>>>                }
> >>>>>>>>                else {
> >>>>>>>> @@ -178,6 +182,8 @@
> >>>>>>>>                        $blogId =
> >>>>>>>> $this->_config->getValue('default_blog_id');
> >>>>>>>>                    }
> >>>>>>>>                }
> >>>>>>>> +            } else {
> >>>>>>>> +                $blogId = $this->_config->getValue('default_blog_id');
> >>>>>>>>            }
> >>>>>>>>
> >>>>>>>>            // fetch the BlogInfo object
> >>>>>>>> Modified:
> >>>>>>>> plog/branches/plog-1.0.2/class/action/resourceserveraction.class.php
> >>>>>>>> ===================================================================
> >>>>>>>> --- plog/branches/plog-1.0.2/class/action/resourceserveraction.class.php
> >>>>>>>> 2005-09-03 21:27:38 UTC (rev 2446)
> >>>>>>>> +++ plog/branches/plog-1.0.2/class/action/resourceserveraction.class.php
> >>>>>>>> 2005-09-04 15:22:37 UTC (rev 2447)
> >>>>>>>> @@ -60,7 +60,7 @@
> >>>>>>>>            // "user" parameter.
> >>>>>>>>            if( !$blogId && !$blogName ) {
> >>>>>>>>                // check if there was a user parameter
> >>>>>>>> -                 if( !empty($userName) ) {
> >>>>>>>> +                if( !empty($userName) ) {
> >>>>>>>>                    // if so, check to which blogs the user belongs
> >>>>>>>>                    $users = new Users();
> >>>>>>>>                     $userInfo = $users->getUserInfoFromUsername(
> >>>>>>>> $userName );
> >>>>>>>> @@ -71,7 +71,11 @@
> >>>>>>>>                        // get the first one (any better rule for this?)
> >>>>>>>>                        if( !empty($userBlogs)) {
> >>>>>>>>                            $blogId = $userBlogs[0]->getId();
> >>>>>>>> +                        } else{
> >>>>>>>> +                            $blogId =
> >>>>>>>> $this->_config->getValue('default_blog_id');
> >>>>>>>>                        }
> >>>>>>>> +                    } else{
> >>>>>>>> +                        $blogId =
> >>>>>>>> $this->_config->getValue('default_blog_id');
> >>>>>>>>                    }
> >>>>>>>>                }
> >>>>>>>>                else {
> >>>>>>>> @@ -84,6 +88,8 @@
> >>>>>>>>                        $blogId =
> >>>>>>>> $this->_config->getValue('default_blog_id');
> >>>>>>>>                    }
> >>>>>>>>                }
> >>>>>>>> +            } else {
> >>>>>>>> +                $blogId = $this->_config->getValue('default_blog_id');
> >>>>>>>>            }
> >>>>>>>>
> >>>>>>>>            // fetch the BlogInfo object
> >>>>>>>> _______________________________________________
> >>>>>>>> pLog-svn mailing list
> >>>>>>>> pLog-svn at devel.plogworld.net
> >>>>>>>> http://devel.plogworld.net/mailman/listinfo/plog-svn
> >>>>>>>>
> >>>>>>>
> >>>>>>> _______________________________________________
> >>>>>>> pLog-svn mailing list
> >>>>>>> pLog-svn at devel.plogworld.net
> >>>>>>> http://devel.plogworld.net/mailman/listinfo/plog-svn
> >>>>>>>
> >>>>>>
> >>>>>> **************************************
> >>>>>> Jon Daley
> >>>>>> http://jon.limedaley.com/plog/
> >>>>>>
> >>>>>> Talking much about oneself can also be a means to conceal oneself.
> >>>>>> -- Friedrich Nietzsche
> >>>>>> _______________________________________________
> >>>>>> pLog-svn mailing list
> >>>>>> pLog-svn at devel.plogworld.net
> >>>>>> http://devel.plogworld.net/mailman/listinfo/plog-svn
> >>>>>>
> >>>>>>
> >>>>>
> >>>>> _______________________________________________
> >>>>> pLog-svn mailing list
> >>>>> pLog-svn at devel.plogworld.net
> >>>>> http://devel.plogworld.net/mailman/listinfo/plog-svn
> >>>>
> >>>> **************************************
> >>>> Jon Daley
> >>>> http://jon.limedaley.com/plog/
> >>>>
> >>>> So, what's with this guy Gideon, anyway?
> >>>>    And why can't he ever remember his Bible?
> >>>> _______________________________________________
> >>>> pLog-svn mailing list
> >>>> pLog-svn at devel.plogworld.net
> >>>> http://devel.plogworld.net/mailman/listinfo/plog-svn
> >>>
> >>> _______________________________________________
> >>> pLog-svn mailing list
> >>> pLog-svn at devel.plogworld.net
> >>> http://devel.plogworld.net/mailman/listinfo/plog-svn
> >>>
> >>
> >> **************************************
> >> Jon Daley
> >> http://jon.limedaley.com/plog/
> >>
> >> Never save anything for a special occasion.
> >> Every day you are alive is a special occasion.
> >> -- Ann Wells
> >> _______________________________________________
> >> pLog-svn mailing list
> >> pLog-svn at devel.plogworld.net
> >> http://devel.plogworld.net/mailman/listinfo/plog-svn
> >
> > _______________________________________________
> > pLog-svn mailing list
> > pLog-svn at devel.plogworld.net
> > http://devel.plogworld.net/mailman/listinfo/plog-svn
> >
> 
> **************************************
> Jon Daley
> http://jon.limedaley.com/plog/
> 
> The meanness of another merely provides an excuse to hate,
>    but never a valid reason.
> -- Joseph Girzone
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.plogworld.net
> http://devel.plogworld.net/mailman/listinfo/plog-svn
>



More information about the pLog-svn mailing list