Gossamer Forum: Products: Gossamer Links: Discussions: Re: [el noe] user must not be logged in to be user (Alex)

Gossamer Threads

Home : Products : Gossamer Links : Discussions :

Re: [el noe] user must not be logged in to be user

May 14, 2002, 8:45 PM

Alex

Administrator (9387 posts)

May 14, 2002, 8:45 PM

Shortcut

Re: [el noe] user must not be logged in to be user In reply to

Hi,

The only way to make this safe from cgi input (as by default any cgi input can be used in a tag) is to add the following global:

is_logged_in => sub { return $USER ? 1 : 0 }

and then do:

<%if is_logged_in%>
..
<%endif%>

CGI input can not override globals, so even if someone passes in is_logged_in=1 in the query string, it won't work.

Cheers,

Alex
--
Gossamer Threads Inc.

Subject	Author	Views	Date
user must not be logged in to be user	el noe	6803	May 14, 2002, 7:36 AM

Re: [el noe] user must not be logged in to be user	Paul	6744	May 14, 2002, 8:40 AM

Re: [Paul] user must not be logged in to be user	el noe	6668	May 14, 2002, 9:05 AM

Re: [el noe] user must not be logged in to be user	Alex	6649	May 14, 2002, 8:45 PM

Re: [Alex] user must not be logged in to be user	el noe	6652	May 14, 2002, 10:40 PM

Re: [el noe] user must not be logged in to be user	cwschroeder	6385	Oct 18, 2008, 8:04 AM

Re: [cwschroeder] user must not be logged in to be user	Andy	6421	Oct 18, 2008, 1:50 PM

Re: [Andy] user must not be logged in to be user	cwschroeder	6361	Nov 1, 2008, 9:56 PM

Re: [cwschroeder] user must not be logged in to be user	Andy	6355	Nov 2, 2008, 1:50 AM

Gossamer Threads is a Vancouver-based company with over 28 years experience in web technology. From development to hosting, we partner with leading organizations around the globe and help to build their web presences, strategies and infrastructures.

Let’s talk: 1-877-715-7676