Luc Andre a écrit :
On Sun, Sep 7, 2008 at 1:03 PM, Michal Čihař
<michal(a)cihar.com> wrote:
Hi
Just few comments to recent changes to Swekey.
Dne Sat, 06 Sep 2008 12:41:35 +0000
lem9(a)users.sourceforge.net napsal(a):
Revision: 11562
http://phpmyadmin.svn.sourceforge.net/phpmyadmin/?rev=11562&view=rev
Author: lem9
Date: 2008-09-06 12:41:34 +0000 (Sat, 06 Sep 2008)
Log Message:
-----------
latest Swekey fixes
<!-- Login form -->
@@ -268,7 +243,7 @@
<?php } ?>
<div class="item">
<label for="input_username"><?php echo
$GLOBALS['strLogUsername']; ?></label>
- <input type="text" name="pma_username"
id="input_username" value="<?php echo htmlspecialchars($default_user);
?>" size="24" class="textfield" <?php echo
$user_input_disabled; ?>/>
+ <input type="text" name="pma_username"
id="input_username" value="" size="24"
class="textfield"/>
What is reason for dropping default_user here? It
is used for user name
recall from cookie.
Oops, my mistake, I wanted to remove only <?php echo $user_input_disabled; ?>
Fixed.
+
Swekey_SetUnplugUrl(key, "pma_login", url +
"/libraries/auth/swekey/unplugged.php?session_to_unset=<?php echo
session_id();?>");
This still won't work, if user has disable access to
libraries, what is
what we suggest.
I''m working on it.
+
function open_swekey_site()
+ {
+ window.open("http://www.swekey.com?promo=pma");
+ }
Didn't we agree not to put any direct links to their website?
I didn't know about that decision, what is the link to your page ?
See Documentation.html "If you want to purchase....".
+
var input_username = document.getElementById("<?php echo $input_name;
?>");
+ var input_go = document.getElementById("<?php echo $input_go;
?>");
+ var swekey_status = document.createElement('img');
+ swekey_status.setAttribute('onClick',
'open_swekey_site()');
+ swekey_status.setAttribute('style', 'width:8px; height:16px;
border:0px; vspace:0px; hspace:0px; frameborder:no');
+ if (user == null)
+ {
+ swekey_status.setAttribute('src',
'http://artwork.swekey.com/unplugged-8x16.png');
+ //swekey_status.setAttribute('title', 'No
swekey plugged');
+ input_go.disabled = true;
+ }
+ else
+ {
+ swekey_status.setAttribute('src',
'http://artwork.swekey.com/plugged-8x16.png');
Do we have to use external
images?
We want to use the same images for all the apps that use swekey
authentication, for consistency reason.
We can put your images in our code base, why not?
*
Version 1.0
*
* History:
+ * 1.2 Use curl (widely installed) to query the server
+ * Fixed a possible tempfile race attack
+ * Random token cache can now be disabled
Documentation should mention curl
requirement.
We can leave without it, so it is not a requirement.
https access can work without curl functions?
* 1.1
Added Swekey_HttpGet function that support faulty servers
* Support for custom servers
* 1.0 First release
@@ -54,6 +57,12 @@
if (! isset($gSwekeyStatusServer))
$gSwekeyStatusServer = 'http://auth-status.musbe.net';
Why is default
still http?
This file is shared across application and we don't want to set https
by default yet (mainly for perfoemances reasons)
For PMA https IS the default because we put the https server's url is
the conf file.
-define
("SWEKEY_STATUS_STOLLEN",4); // The key was stolen (typo kept for backward
comp)
-define ("SWEKEY_STATUS_STOLEN",4); // The key was stolen
+define ("SWEKEY_STATUS_STOLLEN",4); // The key was stollen
+define ("SWEKEY_STATUS_STOLEN",4); // The key was stollen
Why
introducing a typo and removing explanation comment?
Sorry I'm not native english speaker and I receive a complain that
stolen took 2 'L's.
My spelling checker didn't complain so I beleived the guy.
After investigating STOLLEN is a famous german cake, that's why my
spelling checker didn't complain :(
I'll fix that too.
Michal meant that if you want to keep the typo, why remove the comment
that explains why you want to keep the typo?
\
-------------------------------------------------------------------------
This
SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Phpmyadmin-devel mailing list
Phpmyadmin-devel(a)lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel