Hi,
in AuthenticationCookie.class.php we verify whether $_COOKIE is empty, because at this point we have sent some cookies. The goal is to warn users about their browser not accepting cookies.
However, it's too early to do this verification, because "Once the cookies have been set, they can be accessed on the next page load with the $_COOKIE" (PHP manual).
We are not yet at the next page load. The result is that all browsers, correctly set to accept cookies, when running phpMyAdmin for the first time, show the "Cookies must be enabled past this point" message, alerting users for nothing.
Maybe we could force a page reload after the initial cookies sending, but I'm not sure it's a good solution.
I suggest to - remove this verification - in the "Cannot start session without errors" message (which can be caused by a browser not accepting cookies), add a hint that not accepting cookies is a possible cause
Comments?
Hi, Yes I agree with your suggestion. Actually this is one of the UI improvements I am going to do for my GSoC. This message confused me and my friends when using it.
Randall
On Saturday, May 25, 2013, Marc Delisle wrote:
Hi,
in AuthenticationCookie.class.php we verify whether $_COOKIE is empty, because at this point we have sent some cookies. The goal is to warn users about their browser not accepting cookies.
However, it's too early to do this verification, because "Once the cookies have been set, they can be accessed on the next page load with the $_COOKIE" (PHP manual).
We are not yet at the next page load. The result is that all browsers, correctly set to accept cookies, when running phpMyAdmin for the first time, show the "Cookies must be enabled past this point" message, alerting users for nothing.
Maybe we could force a page reload after the initial cookies sending, but I'm not sure it's a good solution.
I suggest to
- remove this verification
- in the "Cannot start session without errors" message (which can be
caused by a browser not accepting cookies), add a hint that not accepting cookies is a possible cause
Comments?
-- Marc Delisle http://infomarc.info
Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Phpmyadmin-devel mailing list Phpmyadmin-devel@lists.sourceforge.net javascript:; https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel
Hi,
I think of another solution, after I read this [0].
You basically have a hidden input in the login form, and set its value to be false. This will check if Javascript is enabled. Then if JS is enabled, use the JS to check cookie status, and display certain messages if necessary. In the mean time, change hidden input value to true. If JS is disabled, the submitted form will receive value "false" from the hidden input, we know that the client disabled JS. And if no cookie can be received at this page(we still send a cookie in the first page, just cannot check it without reload. This page is the second page the user will visit), we can safely display that both your JS and cookies are disabled.
In short, the cookie will be checked twice by JS and php. And we happen to be able to ckeck JS status on the server side.
Randall
[0] http://www.4guysfromrolla.com/ASPScripts/PrintPage.asp?REF=%2Fwebtech%2F0824...
On Saturday, May 25, 2013, Randall Fan wrote:
Hi, Yes I agree with your suggestion. Actually this is one of the UI improvements I am going to do for my GSoC. This message confused me and my friends when using it.
Randall
On Saturday, May 25, 2013, Marc Delisle wrote:
Hi,
in AuthenticationCookie.class.php we verify whether $_COOKIE is empty, because at this point we have sent some cookies. The goal is to warn users about their browser not accepting cookies.
However, it's too early to do this verification, because "Once the cookies have been set, they can be accessed on the next page load with the $_COOKIE" (PHP manual).
We are not yet at the next page load. The result is that all browsers, correctly set to accept cookies, when running phpMyAdmin for the first time, show the "Cookies must be enabled past this point" message, alerting users for nothing.
Maybe we could force a page reload after the initial cookies sending, but I'm not sure it's a good solution.
I suggest to
- remove this verification
- in the "Cannot start session without errors" message (which can be
caused by a browser not accepting cookies), add a hint that not accepting cookies is a possible cause
Comments?
-- Marc Delisle http://infomarc.info
Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Phpmyadmin-devel mailing list Phpmyadmin-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel
Hi
Dne Sat, 25 May 2013 09:09:07 -0400 Marc Delisle marc@infomarc.info napsal(a):
I suggest to
- remove this verification
- in the "Cannot start session without errors" message (which can be
caused by a browser not accepting cookies), add a hint that not accepting cookies is a possible cause
Sounds good enough (anyway these errors will be quite rare).
Michal Čihař a écrit :
Hi
Dne Sat, 25 May 2013 09:09:07 -0400 Marc Delisle marc@infomarc.info napsal(a):
I suggest to
- remove this verification
- in the "Cannot start session without errors" message (which can be
caused by a browser not accepting cookies), add a hint that not accepting cookies is a possible cause
Sounds good enough (anyway these errors will be quite rare).
Fixed in [0].
[0] https://github.com/phpmyadmin/phpmyadmin/commit/ec6a47d8a034608efc737499a371...