Gossamer Forum: Products: Gossamer Links: Discussions: Re: [el noe] user must not be logged in to be user (Alex)

Gossamer Threads

Home : Products : Gossamer Links : Discussions :

Re: [el noe] user must not be logged in to be user

May 14, 2002, 8:45 PM

Alex

Administrator (9387 posts)

May 14, 2002, 8:45 PM

Shortcut

Re: [el noe] user must not be logged in to be user In reply to

Hi,

The only way to make this safe from cgi input (as by default any cgi input can be used in a tag) is to add the following global:

is_logged_in => sub { return $USER ? 1 : 0 }

and then do:

<%if is_logged_in%>
..
<%endif%>

CGI input can not override globals, so even if someone passes in is_logged_in=1 in the query string, it won't work.

Cheers,

Alex
--
Gossamer Threads Inc.

Subject	Author	Views	Date
user must not be logged in to be user	el noe	6816	May 14, 2002, 7:36 AM

Re: [el noe] user must not be logged in to be user	Paul	6757	May 14, 2002, 8:40 AM

Re: [Paul] user must not be logged in to be user	el noe	6682	May 14, 2002, 9:05 AM

Re: [el noe] user must not be logged in to be user	Alex	6663	May 14, 2002, 8:45 PM

Re: [Alex] user must not be logged in to be user	el noe	6666	May 14, 2002, 10:40 PM

Re: [el noe] user must not be logged in to be user	cwschroeder	6398	Oct 18, 2008, 8:04 AM

Re: [cwschroeder] user must not be logged in to be user	Andy	6435	Oct 18, 2008, 1:50 PM

Re: [Andy] user must not be logged in to be user	cwschroeder	6374	Nov 1, 2008, 9:56 PM

Re: [cwschroeder] user must not be logged in to be user	Andy	6369	Nov 2, 2008, 1:50 AM

Gossamer Threads is a Vancouver-based company with over 28 years experience in web technology. From development to hosting, we partner with leading organizations around the globe and help to build their web presences, strategies and infrastructures.

Let’s talk: 1-877-715-7676