[geeklog-devtalk] geeklog-devel digest, Vol 1 #368 - 9 msgs

geeklog-devel-request at lists.geeklog.net geeklog-devel-request at lists.geeklog.net
Thu Aug 5 13:00:01 EDT 2004

Previous message: [geeklog-devtalk] geeklog-devel digest, Vol 1 #367 - 1 msg
Next message: [geeklog-devtalk] geeklog-devel digest, Vol 1 #369 - 2 msgs
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Send geeklog-devel mailing list submissions to
geeklog-devel at lists.geeklog.net

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.geeklog.net/listinfo/geeklog-devel
or, via email, send a message with subject or body 'help' to
geeklog-devel-request at lists.geeklog.net

You can reach the person managing the list at
geeklog-devel-admin at lists.geeklog.net

When replying, please edit your Subject line so it is more specific
than "Re: Contents of geeklog-devel digest..."

Today's Topics:

1. Re: PHP Sessions and PEAR Class (Dirk Haun)
2. Re: 1.3.10 to do list (Dirk Haun)
3. Re: PHP Sessions and PEAR Class (Vincent Furia)
4. Re: PHP Sessions and PEAR Class (Blaine Lang)
5. Re: PHP Sessions and PEAR Class (Dirk Haun)
6. Re: PHP Sessions and PEAR Class (Blaine Lang)
7. Re: PHP Sessions and PEAR Class (Tony Bibbs)
8. Re: PHP Sessions and PEAR Class (Blaine Lang)
9. Re: 1.3.10 to do list (Vincent Furia)

--__--__--

Message: 1
From: "Dirk Haun" <dirk at haun-online.de>
To: <geeklog-devel at lists.geeklog.net>
Subject: Re: [geeklog-devel] PHP Sessions and PEAR Class
Date: Wed, 4 Aug 2004 20:56:55 +0200
Organization: Terra Software Systems
Reply-To: geeklog-devel at lists.geeklog.net

Guys,

>We had a IRC discussion today and have agreed to add support for PHP

>SESSIONS into GL 1.3.10 (current CVS)

What was originally suggested sounded like a harmless little addition.
With all these options of the HTTP_Sessions class, I'm beginning to
wonder if it wouldn't be better to hold this back for the next release
after 1.3.10 ...

bye, Dirk

--
http://www.haun-online.de/
http://mypod.de/

--__--__--

Message: 2
From: "Dirk Haun" <dirk at haun-online.de>
To: <geeklog-devel at lists.geeklog.net>
Subject: Re: [geeklog-devel] 1.3.10 to do list
Date: Wed, 4 Aug 2004 21:02:20 +0200
Organization: Terra Software Systems
Reply-To: geeklog-devel at lists.geeklog.net

Coming back to this:

>We should update the minimum requirements for Geeklog as well. Since

>we've started using $_REQUEST in the core code in several places we'll

>need to require PHP 4.1.0 or higher (at a minimum).

Only pdfgenerator.php, comment.php and some comment-related code in lib-
common.php seem to use $_REQUEST.

How much work would it be to convert that code to using $HTTP_POST_VARS
and $HTTP_GET_VARS?

We have to move away from the $HTTP_xxx_VARS arrays eventually, as they
seem to be disabled by default in PHP 5.0.0, but can we make one more
release with the current requirements (which are PHP 4.0.4) and then
convert all of it to $_POST, $_GET, and $_REQUEST for the next release
(and, consequently, raise the requirements to PHP 4.1.0)?

bye, Dirk

--
http://www.haun-online.de/
http://geeklog.info/

--__--__--

Message: 3
Date: Wed, 4 Aug 2004 15:14:03 -0400
From: Vincent Furia <vfuria at gmail.com>
To: geeklog-devel at lists.geeklog.net
Subject: Re: [geeklog-devel] PHP Sessions and PEAR Class
Reply-To: geeklog-devel at lists.geeklog.net

I agree. If we push it back we can plan things out a bit better and
maybe eliminate some of those other cookies we have...

Dirk, maybe you should call out "feature freeze" and just spend the
next two weeks squashing bugs in what we have thus far?

-Vinny

On Wed, 4 Aug 2004 20:56:55 +0200, Dirk Haun <dirk at haun-online.de> wrote:

> Guys,

>

> >We had a IRC discussion today and have agreed to add support for PHP

> >SESSIONS into GL 1.3.10 (current CVS)

>

> What was originally suggested sounded like a harmless little addition.

> With all these options of the HTTP_Sessions class, I'm beginning to

> wonder if it wouldn't be better to hold this back for the next release

> after 1.3.10 ...

>

> bye, Dirk

>

> --

> http://www.haun-online.de/

> http://mypod.de/

>

> _______________________________________________

> geeklog-devel mailing list

> geeklog-devel at lists.geeklog.net

> http://lists.geeklog.net/listinfo/geeklog-devel

>

--__--__--

Message: 4
From: "Blaine Lang" <geeklog at langfamily.ca>
To: <geeklog-devel at lists.geeklog.net>
Subject: Re: [geeklog-devel] PHP Sessions and PEAR Class
Date: Wed, 4 Aug 2004 15:17:32 -0400
Reply-To: geeklog-devel at lists.geeklog.net

There actually is not that much that has to be added. I added 3 lines.

I think it makes sense to use $_CONF to set these defines for the few that
may want to change them.
The defaults will be fine for most cases.

I'd like to see this added as I can use this now in my plugins.
We can then explore how we want to use it for the Core GL but at least the
few lines required to enable it are there.

I'd add the SESSIONS destroy on logout as well.

My other questions were about the CLASS itself and I was thinking Tony or
Vince had some insights.

Blaine

----- Original Message -----
From: "Dirk Haun" <dirk at haun-online.de>
To: <geeklog-devel at lists.geeklog.net>
Sent: Wednesday, August 04, 2004 2:56 PM
Subject: Re: [geeklog-devel] PHP Sessions and PEAR Class

Guys,

>We had a IRC discussion today and have agreed to add support for PHP

>SESSIONS into GL 1.3.10 (current CVS)

What was originally suggested sounded like a harmless little addition.
With all these options of the HTTP_Sessions class, I'm beginning to
wonder if it wouldn't be better to hold this back for the next release
after 1.3.10 ...

bye, Dirk

--
http://www.haun-online.de/
http://mypod.de/

_______________________________________________
geeklog-devel mailing list
geeklog-devel at lists.geeklog.net
http://lists.geeklog.net/listinfo/geeklog-devel

--__--__--

Message: 5
From: "Dirk Haun" <dirk at haun-online.de>
To: <geeklog-devel at lists.geeklog.net>
Subject: Re: [geeklog-devel] PHP Sessions and PEAR Class
Date: Wed, 4 Aug 2004 22:56:01 +0200
Organization: Terra Software Systems
Reply-To: geeklog-devel at lists.geeklog.net

Vinny,

>I agree. If we push it back we can plan things out a bit better and

>maybe eliminate some of those other cookies we have...

Yeah, I've always had the feeling (and got the occasional complaint) that
we're using too many cookies.

>Dirk, maybe you should call out "feature freeze" and just spend the

>next two weeks squashing bugs in what we have thus far?

We need one or two new features for the integration of the SpamX plugin,
and I don't want to rule out the occasional minor addition (as long as it
doesn't break anything or require too many changes), but in general
bugfixes are currently the #1 priority.

bye, Dirk

--
http://www.haun-online.de/
http://www.macosx-faq.de/

--__--__--

Message: 6
From: "Blaine Lang" <geeklog at langfamily.ca>
To: <geeklog-devel at lists.geeklog.net>
Subject: Re: [geeklog-devel] PHP Sessions and PEAR Class
Date: Wed, 4 Aug 2004 17:13:44 -0400
Reply-To: geeklog-devel at lists.geeklog.net

Vinny Wrote: I agree. If we push it back we can plan things out a bit better
and maybe eliminate some of those other cookies we have...
Dirk wrote Yeah, I've always had the feeling (and got the occasional
complaint) that we're using too many cookies.

I'm not sure we can eliminate these cookies since SESSIONS probally will
only be resident on the server (if files are used) for 15min or so and if we
use the DB for SESSIONS would we not be removing them as well after some
configured time interval.

Adding suport for SESSIONS should not be complicated to add to GL and it
would be good to get some exposure and testing so that we can tweak it's
usage and determine how best to use SESSIONS in our GL functions.

----- Original Message -----
From: "Dirk Haun" <dirk at haun-online.de>
To: <geeklog-devel at lists.geeklog.net>
Sent: Wednesday, August 04, 2004 4:56 PM
Subject: Re: [geeklog-devel] PHP Sessions and PEAR Class

Vinny,

>I agree. If we push it back we can plan things out a bit better and

>maybe eliminate some of those other cookies we have...

Yeah, I've always had the feeling (and got the occasional complaint) that
we're using too many cookies.

>Dirk, maybe you should call out "feature freeze" and just spend the

>next two weeks squashing bugs in what we have thus far?

We need one or two new features for the integration of the SpamX plugin,
and I don't want to rule out the occasional minor addition (as long as it
doesn't break anything or require too many changes), but in general
bugfixes are currently the #1 priority.

bye, Dirk

--
http://www.haun-online.de/
http://www.macosx-faq.de/

_______________________________________________
geeklog-devel mailing list
geeklog-devel at lists.geeklog.net
http://lists.geeklog.net/listinfo/geeklog-devel

--__--__--

Message: 7
Date: Wed, 04 Aug 2004 16:49:25 -0500
From: Tony Bibbs <tony at tonybibbs.com>
To: geeklog-devel at lists.geeklog.net
Subject: Re: [geeklog-devel] PHP Sessions and PEAR Class
Reply-To: geeklog-devel at lists.geeklog.net

Sessions are session. Thus how long a session lives either using files
or the DB is up to the coder. It sounds like you thought the TTL was
different for both and they are, in fact the same.

Just a point of clarity.

--Tony

Blaine Lang wrote:

>Vinny Wrote: I agree. If we push it back we can plan things out a bit better

>and maybe eliminate some of those other cookies we have...

>Dirk wrote Yeah, I've always had the feeling (and got the occasional

>complaint) that we're using too many cookies.

>

>I'm not sure we can eliminate these cookies since SESSIONS probally will

>only be resident on the server (if files are used) for 15min or so and if we

>use the DB for SESSIONS would we not be removing them as well after some

>configured time interval.

>

>Adding suport for SESSIONS should not be complicated to add to GL and it

>would be good to get some exposure and testing so that we can tweak it's

>usage and determine how best to use SESSIONS in our GL functions.

>

>----- Original Message -----

>From: "Dirk Haun" <dirk at haun-online.de>

>To: <geeklog-devel at lists.geeklog.net>

>Sent: Wednesday, August 04, 2004 4:56 PM

>Subject: Re: [geeklog-devel] PHP Sessions and PEAR Class

>

>

>Vinny,

>

>

>

>>I agree. If we push it back we can plan things out a bit better and

>>maybe eliminate some of those other cookies we have...

>>

>>

>

>Yeah, I've always had the feeling (and got the occasional complaint) that

>we're using too many cookies.

>

>

>

>

>>Dirk, maybe you should call out "feature freeze" and just spend the

>>next two weeks squashing bugs in what we have thus far?

>>

>>

>

>We need one or two new features for the integration of the SpamX plugin,

>and I don't want to rule out the occasional minor addition (as long as it

>doesn't break anything or require too many changes), but in general

>bugfixes are currently the #1 priority.

>

>bye, Dirk

>

>

>

>

--__--__--

Message: 8
From: "Blaine Lang" <geeklog at langfamily.ca>
To: <geeklog-devel at lists.geeklog.net>
Subject: Re: [geeklog-devel] PHP Sessions and PEAR Class
Date: Wed, 4 Aug 2004 18:49:59 -0400
Reply-To: geeklog-devel at lists.geeklog.net

Tony wrote:

> Sessions are session. Thus how long a session lives either using files

or the DB is up to the coder. It sounds like you thought the TTL was
different for both and they are, in fact the same.

Nope - I knew that the location of storage had no effect. Thats not what I
was referring to.

I was stating that SESSIONS are not normally designed to be active as long
as cookies and thus we may not find they can replace cookies. I was also
stating that we may want to use $_CONF for some of the SESSION settings such
as TTL.

Tony, can you review my initial questions I'd like your input.

I've just reviewed the CLASS code and have these questions and observations

1) There will likely be a need to add a few new $_CONF options,
specifically:
- Mode: Option to use DB or Session files
- Session_name: Default
- Expiretime: Time for session to be active
- Idletime: Possibly needed

2: What is the difference between Expire Time and Idle Time ?

3. What are the function methods for localVariables used for - what beneft ?
->setLocal(), ->getLocal(), ->localName()

4. I am thinking the only time we need to use session_destroy is upon
logout.

----- Original Message -----
From: "Tony Bibbs" <tony at tonybibbs.com>
To: <geeklog-devel at lists.geeklog.net>
Sent: Wednesday, August 04, 2004 5:49 PM
Subject: Re: [geeklog-devel] PHP Sessions and PEAR Class

Sessions are session. Thus how long a session lives either using files
or the DB is up to the coder. It sounds like you thought the TTL was
different for both and they are, in fact the same.

Just a point of clarity.

--Tony

Blaine Lang wrote:

>Vinny Wrote: I agree. If we push it back we can plan things out a bit

better

>and maybe eliminate some of those other cookies we have...

>Dirk wrote Yeah, I've always had the feeling (and got the occasional

>complaint) that we're using too many cookies.

>

>I'm not sure we can eliminate these cookies since SESSIONS probally will

>only be resident on the server (if files are used) for 15min or so and if

we

>use the DB for SESSIONS would we not be removing them as well after some

>configured time interval.

>

>Adding suport for SESSIONS should not be complicated to add to GL and it

>would be good to get some exposure and testing so that we can tweak it's

>usage and determine how best to use SESSIONS in our GL functions.

>

>----- Original Message -----

>From: "Dirk Haun" <dirk at haun-online.de>

>To: <geeklog-devel at lists.geeklog.net>

>Sent: Wednesday, August 04, 2004 4:56 PM

>Subject: Re: [geeklog-devel] PHP Sessions and PEAR Class

>

>

>Vinny,

>

>

>

>>I agree. If we push it back we can plan things out a bit better and

>>maybe eliminate some of those other cookies we have...

>>

>>

>

>Yeah, I've always had the feeling (and got the occasional complaint) that

>we're using too many cookies.

>

>

>

>

>>Dirk, maybe you should call out "feature freeze" and just spend the

>>next two weeks squashing bugs in what we have thus far?

>>

>>

>

>We need one or two new features for the integration of the SpamX plugin,

>and I don't want to rule out the occasional minor addition (as long as it

>doesn't break anything or require too many changes), but in general

>bugfixes are currently the #1 priority.

>

>bye, Dirk

>

>

>

>

_______________________________________________
geeklog-devel mailing list
geeklog-devel at lists.geeklog.net
http://lists.geeklog.net/listinfo/geeklog-devel

--__--__--

Message: 9
Date: Wed, 4 Aug 2004 23:45:28 -0400
From: Vincent Furia <vfuria at gmail.com>
To: geeklog-devel at lists.geeklog.net
Subject: Re: [geeklog-devel] 1.3.10 to do list
Reply-To: geeklog-devel at lists.geeklog.net

For the record, instances of $_REQUEST in files:

public_html/comment.php:11
public_html/lib-common.php:7
public_html/mail/index.php:3
public_html/pdfgenerator.php:13
system/classes/search.class.php:1 <--- I think this is just a comment

I guess I can take care of comment.php if you really think this is
necessary. Honestly I don't think this is that big a deal. Anyone
using PHP < 4.1.0 is open to so many security holes we're probably
doing them a favor...

$_REQUEST makes things, much, much easier (at least in comment.php)
because forms submitting input to the script have a mix of GET and
POST variables (and often some variables are used both ways depending
on from where they are called).

-Vinny

On Wed, 4 Aug 2004 21:02:20 +0200, Dirk Haun <dirk at haun-online.de> wrote:

> Coming back to this:

>

> >We should update the minimum requirements for Geeklog as well. Since

> >we've started using $_REQUEST in the core code in several places we'll

> >need to require PHP 4.1.0 or higher (at a minimum).

>

> Only pdfgenerator.php, comment.php and some comment-related code in lib-

> common.php seem to use $_REQUEST.

>

> How much work would it be to convert that code to using $HTTP_POST_VARS

> and $HTTP_GET_VARS?

>

> We have to move away from the $HTTP_xxx_VARS arrays eventually, as they

> seem to be disabled by default in PHP 5.0.0, but can we make one more

> release with the current requirements (which are PHP 4.0.4) and then

> convert all of it to $_POST, $_GET, and $_REQUEST for the next release

> (and, consequently, raise the requirements to PHP 4.1.0)?

>

>

>

> bye, Dirk

>

> --

> http://www.haun-online.de/

> http://geeklog.info/

>

> _______________________________________________

> geeklog-devel mailing list

> geeklog-devel at lists.geeklog.net

> http://lists.geeklog.net/listinfo/geeklog-devel

>

--__--__--

_______________________________________________
geeklog-devel mailing list
geeklog-devel at lists.geeklog.net
http://lists.geeklog.net/listinfo/geeklog-devel

End of geeklog-devel Digest

Previous message: [geeklog-devtalk] geeklog-devel digest, Vol 1 #367 - 1 msg
Next message: [geeklog-devtalk] geeklog-devel digest, Vol 1 #369 - 2 msgs
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the geeklog-devtalk mailing list