[pmwiki-users] Author cookies

Sat Aug 12 15:12:13 CDT 2006

Pico,

That sounds like a useful idea. Maybe a bit more text to make it clear 
that the password is common, and the user name is used for change 
identification (not authorization), in the case of the default 
authorization protocol. That would also avoid the "why doesn't the 
stupid page save?!?!" experience when once forgets to add the author 
name (when required) at the bottom of the edit form. Not to mention the 
ability of administrators to draw attention to the fact the the user 
should use his/her own name for the sake of promoting consultation among 
authors as to the reasons for content changes.

- Henrik

Henrik Bechmann
www.osscommons.ca
www.bechmannsoftware.com
Webmaster, www.dufferinpark.ca

Pico wrote:
> Patrick R. Michaud wrote:
>> On Sat, Aug 12, 2006 at 01:35:32PM -0400, Henrik Bechmann wrote:
>>>>> Or are you advocating that the saving of author name be 
>>> completely separated from ?action=logout ? 
>>> I'm finding this a bit hard to articulate; let me try this:
>>> [...]
>>
>> I'll need some time to absorb and respond to your other comments,
>> but first, a quick question in response to...
>>
>>> Having a checkbox as I advocate would allow the user to decide what 
>>> to do about the user name *between* sessions.
>>> [...]
>>>>> If this is the case, then after someone has indicated they want 
>>>>> the author name saved on a particular machine, how do they get it 
>>>>> removed later?
>>> By unchecking the "Save author on this computer" option.
>>
>> ...where do you expect the checkbox to appear?
>>
>>
>
> How about always display it on the login screen?
>
> I think I must be missing something, because it seems so obvious, so 
> I'll break down the steps to make the discussion explicit:
>
>
> 1. User1: First login, wants to be remembered.
>
> a. PmWiki renders this:
>
> PASSWORD REQUIRED
> Name:     [_____]  [__] Remember me next login
> Password: [_____]  [OK]
>
> b. User submits this:
>
> PASSWORD REQUIRED
> Name:     [User1]  [ X] Remember me next login
> Password: [*****]  [OK]
>
> 2. User1: Subsequent login
>
> a. PmWiki renders this:
>
> PASSWORD REQUIRED
> Name:     [User1]  [ X] Remember me next login
> Password: [_____]  [OK]
>
> b. User submits this:
>
> PASSWORD REQUIRED
> Name:     [User1]  [ X] Remember me next login
> Password: [*****]  [OK]
>
> 3. User2: First login on machine used by User1
>
> a. PmWiki renders this:
>
> PASSWORD REQUIRED
> Name:     [User1]  [ X] Remember me next login
> Password: [_____]  [OK]
>
> b. User submits this (for one-time login):
>
> PASSWORD REQUIRED
> Name:     [User2]  [__] Remember me next login
> Password: [*****]  [OK]
>
> c. or User submits this (to take over machine):
>
> PASSWORD REQUIRED
> Name:     [User2]  [ X] Remember me next login
> Password: [*****]  [OK]
>
>
> Discussion
>
> Under this scenario, checking the Remember me box means that the 
> cookie will be save *AND* that the input field will be pre-filled with 
> a default value, with the user being required to fill in the password 
> field.
>
> If a new user comes along, they can change the contents of the name 
> field and choose whether to check or uncheck the Remember me box 
> before filling in the password and submitting.  If they check the box, 
> then the cookie is changed, but if they uncheck the box, the existing 
> cookie (if any) remains unchanged but its contents are disregarded (or 
> trumped) by the contents of the name field.  If that isn't possible 
> with the existing system of cookies and variables, then maybe the 
> existing cookie, and or variable, should be split off into two 
> separate cookies, or variables.
>
> Pico
>