[ic] Strange setting of form vars to values upon login
Jon Jensen
jon at endpoint.com
Tue Jan 17 22:34:15 UTC 2017
On Tue, 17 Jan 2017, Josh Lavin wrote:
> I noticed something when submitting a login form, where the form
> variables would make their way into Values space.
>
> This happened whether or not the form action was "return" (should
> update variables) or "back" (don't update variables).
>
> The culprit lies in this code:
>
> if ($status = $user->login(%options) ) {
> ::update_user();
> }
>
> line 2955 of UserDB.pm.
>
> The update_user() sub is in Dispatch.pm, and it effectively adds items
> to the cart and then updates values with its update_values() sub.
>
> This has all been in the code since before CVS was added. :-)
>
> This causes the following form variables to go to Values space:
>
> mv_session_id
> mv_username
> mv_form_charset
> destination
> mv_form_profile
> mv_action
>
> which seems wrong to me.
>
> The update_user() sub is used other places in the code, so the rational
> solution to me seems to be to stop calling it upon login in UserDB.pm.
>
> Or else just live with it, if it is OK to have these in Values.
>
> Is this an issue?
What concretely are you proposing to change?
You mentioned that those variables are saved to values whether the form
action was "return" or "back". Do you propose changing the behavior of
only "back", or of more?
Thanks,
Jon
--
Jon Jensen
End Point Corporation
https://www.endpoint.com/
More information about the interchange-users
mailing list