On Sat, May 30, 1998 at 01:42:42PM -0700, John Viega wrote: | On Sat, May 30, 1998 at 04:37:38PM -0400, Scott wrote: | > | > how do you tell the difference between a cookie running out and no | > cookie being submitted in the first place? | | I think by checking to see if there are extra CGI parameters passed? | If so, you can assume they were still on your page.
that's a good idea.
| > | Also, I noticed that it looks like the edithtml pages don't share the | > | same cookie (and, in fact, aren't using cookies at all at the moment...) | > | > true. it seems like they should more for the sake of uniformity than | > anything else, as there's no reason to hide publicly accessible html | > pages from people. this shouldn't be too hard to do with the existing | > isAuthenticated function from the admin cgi. i don't think i'll have | > time to that before i go away June 1-10, but i'm willing to change | > edithtml when i get back if no one's done it yet. | | Would it be possible to keep 1 central auth checking function? I also | noticed that admindb needs a similar mechanism. Also, when we add a | site administrator's UI, we'll need to use the same functionality | again...
i'm sure it would be possible, and thought that maybe such things should go in a general mailman cgi library, maybe in modules/mm_cgilib.py? i'm not sure where the best place for that is.
scott