Gossamer Forum
Home : Products : Gossamer Links : Discussions :

Re: [el noe] user must not be logged in to be user

Quote Reply
Re: [el noe] user must not be logged in to be user In reply to
Hi,

The only way to make this safe from cgi input (as by default any cgi input can be used in a tag) is to add the following global:

is_logged_in => sub { return $USER ? 1 : 0 }

and then do:

<%if is_logged_in%>
..
<%endif%>

CGI input can not override globals, so even if someone passes in is_logged_in=1 in the query string, it won't work.

Cheers,

Alex
--
Gossamer Threads Inc.
Subject Author Views Date
Thread user must not be logged in to be user el noe 6867 May 14, 2002, 7:36 AM
Thread Re: [el noe] user must not be logged in to be user
Paul 6807 May 14, 2002, 8:40 AM
Thread Re: [Paul] user must not be logged in to be user
el noe 6732 May 14, 2002, 9:05 AM
Thread Re: [el noe] user must not be logged in to be user
Alex 6714 May 14, 2002, 8:45 PM
Thread Re: [Alex] user must not be logged in to be user
el noe 6717 May 14, 2002, 10:40 PM
Thread Re: [el noe] user must not be logged in to be user
cwschroeder 6449 Oct 18, 2008, 8:04 AM
Thread Re: [cwschroeder] user must not be logged in to be user
Andy 6485 Oct 18, 2008, 1:50 PM
Thread Re: [Andy] user must not be logged in to be user
cwschroeder 6425 Nov 1, 2008, 9:56 PM
Post Re: [cwschroeder] user must not be logged in to be user
Andy 6419 Nov 2, 2008, 1:50 AM