[ic] More getting logged out of the admin.

Paul Vinciguerra pvinci at vinciguerra.com
Mon Sep 8 01:29:46 EDT 2003


I found  mv_session_id missing from a number of more forms in pages in the
admin.  I'd like to submit some more fixes to the admin if they are appropriate.

The affected admin pages are:

affiliates.html       item.html           merge_meta.html  payment.html
edit_metaconfig.html  merchandising.html  order.html       test_code.html

I wrote a little script to find pages that had "<form" elements but not
mv_session_id.  It claims that there are still 32 more pages in
lib/UI/pages/admin that need to be fixed, which I will volunteer to fix if
there pages have not  been depreciated.  It seems many of them are not linked.

-Paul


---Script ---
@mv_session_ids   = `grep "mv\_session\_id"  * | cut -d : -f1 | sort | uniq`;
@pages_with_forms = `grep -i "<form" * | cut -d : -f1 | sort | uniq`;

%seen = ();
@missing = ();

foreach $page (@mv_session_ids) {
  $seen{$page} = 1;
}

foreach $page (@pages_with_forms) {
  unless ($seen{$page}) {
   push (@missing, $page);
  }
}
print "mv_session_ids:", scalar(@mv_session_ids), " \n";
print "forms         :",  scalar(@pages_with_forms), " \n";
print "missing       :",  scalar(@missing), " \n";
print @missing;



------------------------------------


diff -c affiliates.html- affiliates.html
*** affiliates.html-    Sun Sep  7 20:26:47 2003
--- affiliates.html     Sun Sep  7 20:28:14 2003
***************
*** 35,40 ****
--- 35,41 ----
  <FORM ACTION="[area @@MV_PAGE@@]">
  <INPUT NAME=ui_text_qualification>
  <INPUT TYPE=submit VALUE="Limit with search">
+ <INPUT TYPE=hidden NAME=mv_session_id VALUE="[data session id]">
  </FORM>
  [if cgi ui_text_qualification]
  <H3>[msg arg.0="[cgi ui_text_qualification]"]Entries containing "%s"[/msg]</H3>

diff -c item.html- item.html
*** item.html-  Sun Sep  7 21:12:07 2003
--- item.html   Sun Sep  7 22:56:50 2003
***************
*** 92,97 ****
--- 92,98 ----
  [output name=search_box]
  <FORM ACTION="[area @@MV_PAGE@@]">
  <INPUT NAME=ui_text_qualification type=text class=s3>
+ <INPUT TYPE=hidden NAME=mv_session_id VALUE="[data session id]">
  <INPUT TYPE=submit VALUE="[L]Limit with search[/L]" class=s3>
  </FORM>

***************
*** 344,349 ****
--- 345,351 ----

  <FORM ACTION="[area __UI_BASE__/item_edit]" METHOD=POST>
  <INPUT TYPE=hidden NAME=mv_action VALUE=back>
+ <INPUT TYPE=hidden NAME=mv_session_id VALUE="[data session id]">
  <table width="100%" border=0 cellpadding=0 cellspacing=1 class=rseparator>

  <tr class=rhead><TD>&nbsp;</TD>

diff -c merchandising.html- merchandising.html
*** merchandising.html- Sun Sep  7 21:00:55 2003
--- merchandising.html  Sun Sep  7 21:01:39 2003
***************
*** 51,56 ****
--- 51,57 ----
  [output name=search_box]
  <FORM ACTION="[area @@MV_PAGE@@]">
  <INPUT NAME=ui_text_qualification>
+ <INPUT TYPE=hidden NAME=mv_session_id VALUE="[data session id]">
  <INPUT TYPE=submit VALUE="[L]Limit with search[/L]">
  </FORM>


diff -c merge_meta.html- merge_meta.html
*** merge_meta.html-    Sun Sep  7 18:32:01 2003
--- merge_meta.html     Sun Sep  7 19:26:08 2003
***************
*** 286,291 ****
--- 286,292 ----
  [output name=top_of_form]
        <form action="[process href=@@MV_PAGE@@]" method=POST name=mergeform>
        <input type=hidden name=mv_action value=back>
+         <INPUT TYPE=hidden NAME=mv_session_id VALUE="[data session id]">
  [output name=""]
        <table cellspacing=0 cellpadding=2 id=identical_tab width=800>
        [perl]


diff -c order.html- order.html
*** order.html- Sun Sep  7 21:07:32 2003
--- order.html  Sun Sep  7 21:08:49 2003
***************
*** 163,174 ****
--- 163,176 ----
                <td class=s3>
                <FORM ACTION="[area admin/order_view]">
                [L]View order[/L]: <INPUT NAME=order VALUE="[cgi order]" class=s3>
+                 <INPUT TYPE=hidden NAME=mv_session_id VALUE="[data session id]">
                <INPUT TYPE=submit VALUE="[L]Go[/L]" class=s3>
                </FORM>
                </td>
                <td>
      <FORM ACTION="[area @@MV_PAGE@@]">
      <INPUT NAME=ui_text_qualification VALUE="" class=s3>
+     <INPUT TYPE=hidden NAME=mv_session_id VALUE="[data session id]">
      <INPUT TYPE=submit VALUE="[L]Limit with search[/L]" class=s3>
      </FORM>
                </td>

diff -c payment.html- payment.html
*** payment.html-       Sun Sep  7 21:21:04 2003
--- payment.html        Sun Sep  7 21:21:46 2003
***************
*** 65,70 ****
--- 65,71 ----
  [/calc]
  <form action="[area @@MV_PAGE@@]" method=POST>
  <INPUT TYPE=hidden NAME=change_payment VALUE=do>
+ <INPUT TYPE=hidden NAME=mv_session_id VALUE="[data session id]">

  <table __UI_T_PROPERTIES__>

diff -c test_code.html- test_code.html
*** test_code.html-     Sun Sep  7 22:16:34 2003
--- test_code.html      Sun Sep  7 22:18:33 2003
***************
*** 11,17 ****


  <FORM ACTION="[area @@MV_PAGE@@]">
!
  <table>
  [if cgi itl_code]
        <tr>
--- 11,17 ----


  <FORM ACTION="[area @@MV_PAGE@@]">
! <INPUT TYPE=hidden NAME=mv_session_id VALUE="[data session id]">
  <table>
  [if cgi itl_code]
        <tr>




More information about the interchange-users mailing list