Hi, I had a look at the source of a.g.o and thought that the dynamic login is pretty cluttered. (The try_login function is really big, and duplicates lots of code.) So I have been thinking a little about how this could be changed. What I am suggesting is one of the following: Possibility #1: After the user logs in, there is a javascript/submit button which then submits the data, and votes/adds the comment. Question is, whether the javascript/submit button is fine. Possibility #2: Every page is able to do the login. This means at the beginning of each page some function for the (possible) login needs to be called. With this setup it works like this: 1. User tries to access something that needs a login 2. User gets prompted for the password. (The form is a post to the _same_ page) 3. The page checks the login 3a. If successful it will display a message at the beginning of the page. After this the rest of the page just thinks that the user is logged in, and will work as if the user was logged in in the first place. Example of how this page might look like: http://benjamin.sipsolutions.net/tmp/3.png 3b. The user made a mistake with the password. Then a message could be displayed like: Wrong password. And after that the same happens as in 3a. The code later on will display the same login form again, exactly as in step 2. The only change for this is a function at the beginning of each page, that checks whether username and password was submitted, and if done tries to login the user. Both of these suggestions would get rid of the case statement in try_login, since the request of the user is handled by the same code as if the user was logged in in the first place. Both of these suggestions would remove big parts of the current dynamic login code. What do you think? Benjamin
Attachment:
signature.asc
Description: This is a digitally signed message part
