[Phpmyadmin-devel] Fwd: Log-in screen and problem with file ./libraries/common.inc.php

Mon Mar 29 14:25:13 CEST 2010

On Mon, Mar 29, 2010 at 5:18 PM, Michal Čihař <michal at cihar.com> wrote:

> Hi
>
> Dne Mon, 29 Mar 2010 02:11:47 +0530
> Rohit Kalhans <rohit.kalhans at gmail.com> napsal(a):
>
> > Well i have made some changes towards implementing the AJAX UI in form of
> a
> > plug-in with slight change to the native code.
> >
> > 1. Created the folder ajaxUI in the root directory which will house all
> the
> > files related to the AJAX UI. This folder will be helpful as this will
> house
> > all the code for the ajax UI.
> >
> > 2. Added 2 new variables in the $cfg array in config.default.php. here is
> a
> > snippet of the added code
> >
> >
> /****************************************************************************************
> >  * Ajax UI config variables
> >  *
> >  */
> >
> >  /**
> >  * Advanced Ajax UI feature can be disable by the Admin
> >  *
> >  * @global boolean cfg['advancedAjaxInterface']
> >  */
> >
> > $cfg['advancedAjaxInterface']    = TRUE;
> >
> >  /**
> >  * Advanced Ajax UI feature can be disable by the Admin
> >  *
> >  * @global string cfg['pma_current_UI']
> >  * @possible values   'advanced' 'standard'
> >  * @default "standard"
> >  */
> >
> > $cfg['pma_current_UI'] = 'standard';
> >
> > The Administrator can choose to enable or disable the ajax interface
>  using
> > the config variable and in that case the option (mentioned in the next
> > point) will not be displayed.
>
> What would be reason for enabling/disabling AJAX? AJAX should not be
> intrusive and when user does not have enabled javascript, all should
> work as it works right now. I also don't get the difference between
> these two configuration options.
>

The Idea behind enabling and disabling AJAX is that I am trying to develop
it as a plug-in to the existing code, and the user can choose not to use
this feature. Since PMA is also being used by many hosting sites apart from
personal users, this may be up to the discretion of the service provider to
use this plug-in. he may uninstall this plug-in by changing the
cfg['advancedAjaxInterface'] to FALSE and the plug-in even it is installed
will be inactive and if the user(service provider) feels like people should
use this plug-in he just have  to change the value of the above mentioned
variable.

I have past experiences with Ajax and a few of them are not pretty gud. At
times when using ajax, on a slow connection (or for a busy server), this
becomes a problem more than a feature. this does not make AJAX intrusive but
on the contrary provides a flexibility to either use or do not use this
functionality (for the person who has installed PMA ) .

>
> > 3. Added the user option to select his current interface according to his
> > need. (check the attached image).
>
> Same applies as above.
>

This is for the user to make a choice whether or not he wants  to use this
feature or not. Say, he has to log in remotely, of from a different browser
which does not support JAVASCRIPT. Even though this can be detected but what
about old browsers (IE-6 etc which support javascript but are pretty slow
with JavaScript and may bore the user to death :) ) and slow
net-connections(say the user is using in prime-time). The user may need to
just load a basic html view and this drop-down box   provides him an option
to do that. However the default view takes care of the the graceful
degradation even if JavaScript is not enabled, (or present). Also if the
user chooses to use the Advanced UI and if javascript is not present or
enabled PMA will switch back to the normal view as it isnow with an alert to
the user.

The same technique is being used by ZIMBRA <http://www.zimbra.com/> and
GMAIL.

>
> > 4, Modified files like sql.php to get the desired html output suitable
> for
> > the Ajax interface if selected by the user (BY checking the value of
> > $cfg['pma_current_UI'] ).
> >
> > but I am struck in the *./libraries/common.inc.php *becoz this file
> converts
> > the all the POST and GET variables in to $_REQUEST variables and loads
> the
> > $cfg variables into $GLOBALS.
> >
> > The thing is that I want to modify the value of one of $GLOBALS['cfg']
> > ['pma_current_UI'] variable but could not do that as my $_POST variable
> is
> > disappearing mysteriously ;)
>
> Probably you are missing token for XSS protection and request variables.

are filtered.
>

Well i got that and now the code is working fine. Thanx newaz. for now i
have a different concern.
Can a git repository be accessed through a http proxy like squid?

>
> --
>        Michal Čihař | http://cihar.com | http://blog.cihar.com
>
>
> ------------------------------------------------------------------------------
> Download Intel® Parallel Studio Eval
> Try the new software tools for yourself. Speed compiling, find bugs
> proactively, and fine-tune applications for parallel performance.
> See why Intel Parallel Studio got high marks during beta.
> http://p.sf.net/sfu/intel-sw-dev
> _______________________________________________
> Phpmyadmin-devel mailing list
> Phpmyadmin-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel
>
>

-- 
Rohit Kalhans
homepage: http://rohit-kalhans.co.cc
BLOG: http://13lackburn.blogspot.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phpmyadmin.net/pipermail/developers/attachments/20100329/41e4ddb6/attachment.html>