[Phpgroupware-developers] Re: phpgw's handling of cookies

[totschnig . michael]

"Patrick Walsh (mr_e)" <address@hidden> a écrit:

>> my ideas was that the second cookie would not be set at the beginning
>> of a new session, but only at the moment where a user
>> switches from phpgroupware to sitemgr-site or the other way round.
>
>     So all links between the two would require the session id to be passed
> via get parameters.  Hmmmm.

I am not sure if this would require get parameters. Why couldn't we
call setcookie in the two "connector" functions?

>
>     I'm not sure this is the best functionality.  If someone is logged in in
> phpgroupware and then enters the sitemgr url manually or from a bookmark, I
> think that sitemgr should recognize their credentials.  I think it is
> perhaps only the contributor who is testing pages who wants to be recognized
> as anonymous.

I do not think that it is a big constraint for users to remember that
access to the public website requires clicking on the link which is
provided in the navigation bar. On the contrary I think it makes sense
with respect to consistency of the user interface. In any case they
have to log in through phpgroupware before viewing the site with their
user identity.
But what I have observed with users here is that they are very
confused by what happens when they navigate the other way round: They
have visited the public website, an anonymous session gets
created. Then they want to log in and type the phpgroupware url or
choose it from their bookmarks and expect to get the login screen, but
instead they find themselves inside the phpgroupware interface, but
logged in as anonymous, and they have to log out before they can log
in. My proposal would get rid of the problem.

Regards,

Michael