Aristotle Pagaltzis
Sat, 06 Feb 2010 11:33:55 -0800
* Kiffin Gish <kiffin.g...@planet.nl> [2010-02-06 11:25]: > I'm not so sure that I agree, though I can appreciate your > point of view. > > All I'm doing in fact is using the $user->id saved in the > session, there being nothing papered over for authorization > which is accomplished via the usual login mechanism.
I’m talking about the fact that you don’t want users to know their account ID. Why would it be any problem if they do know it? * Bill Moseley <mose...@hank.org> [2010-02-06 17:35]: > Plus, it sure is handy in documentation to say: > > To update your personal profile go to: http://example.com/myprofile True. My first inclination would be to handle that with a redirect. * Oliver Charles <oliver.g.char...@googlemail.com> [2010-02-06 18:15]: > We have to points in urls for this: > > * /user/<id>/<foo> > "Public" viewing of user stuff (public may mean only > a restricted set of users can view it, but it's not private) > > * /account/<action> > For doing stuff that only you can do to your own account > (change password etc) ++ I’ve found this to be a generally good idea, not only to reduce the amount of conditional checks in server code and templates, but also from the user’s point of view, as it makes it readily possible to access all the different views to a resource. Basically: URIs are cheap. Don’t be afraid to have more of them. HTTP infrastructure suffers much more where there are too few URIs than where there are too many. Regards, -- Aristotle Pagaltzis // <http://plasmasturm.org/> _______________________________________________ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/