draigwen (![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
draigwen) wrote in ![[site community profile]](https://www.dreamwidth.org/img/comm_staff.png)
dw_dev_training2009-08-08 10:09 pm
draigwen) wrote in dw_dev_training2009-08-08 10:09 pm
Need help with POST and referer stuff
I'm trying to get back into fixing bugs, etc, again, but my head is spinning and I think I'm beginning to regret it! ;)
Some help would be appreciated to help get my head around something. I'm currently looking at bug 1557.
I'm fairly comfortable with the gist of the bug, and of the two pages mentioned I think I can fix interests.bml with no problem at all. The problem is with login.bml. It's not so much using check_referer that I'm struggling with, but the redirecting once the referer has been checked.
The code I'm looking at is:
Firstly, I don't quite understand the difference between the if and else statements: what are $referer, $POST{'ref'}, and $GET{'ret'}? I think being comfortable with the difference between these three would help greatly.
The second (which may be cleared up by the answer to the first problem), is that if I get rid of my
Hope my questions make a little sense. It's late so I'll probably look at this again in the morning. At least I can fix some of the more simple files!
Some help would be appreciated to help get my head around something. I'm currently looking at bug 1557.
I'm fairly comfortable with the gist of the bug, and of the two pages mentioned I think I can fix interests.bml with no problem at all. The problem is with login.bml. It's not so much using check_referer that I'm struggling with, but the redirecting once the referer has been checked.
The code I'm looking at is:
my $referer = BML::get_client_header('Referer');
if ($POST{'ref'} =~ /\Q$LJ::DOMAIN\E/ && $POST{'ref'} !~ m!/logout\.bml$! &&
$POST{'ref'} !~ /[\n\r]/)
{
return BML::redirect("$POST{'ref'}");
} elsif ($GET{'ret'} == 1 && $referer && $referer =~ /\Q$LJ::DOMAIN\E/) {
my $uniq = BML::get_request()->notes->{uniq};
if ($uniq) {
LJ::MemCache::set("loginout:$uniq", 1, time() + 15);
}
return BML::redirect("$referer");
}Firstly, I don't quite understand the difference between the if and else statements: what are $referer, $POST{'ref'}, and $GET{'ret'}? I think being comfortable with the difference between these three would help greatly.
The second (which may be cleared up by the answer to the first problem), is that if I get rid of my
$referer = BML::get_client_header('Referer'); then what do I redirect to in the second instance?Hope my questions make a little sense. It's late so I'll probably look at this again in the morning. At least I can fix some of the more simple files!
no subject
$referer is where the web browser says it was coming from when the user clicked the link to get where they are now. For the check_referer function, the desired referer is the first arg and the actual referer, specified here in $referer, is the second arg.
$GET{'ret'} is set to 1 if after login, the site wants you to be redirected back to the page you were looking at before, as indicated by $referer.
$POST{'ref'} looks like it handles a special case where if a form was submitted with a value of ref=some url, it redirects to that url instead of $referer.
The two places where the code is trying to match /\Q$LJ::DOMAIN\E/, and also the place where the code is trying not to match m!/logout\.bml$! look to me like the places you want to use the check_referer function. If neither $POST{'ref'} nor $GET{'ret'} is set, no referer-based action takes place.
Good luck!
no subject
no subject
no subject