>>>>> "Randal" == Randal L Schwartz <merlyn@stonehenge.com> writes:
Randal> Consider also something like Slashdot, where the templates are loaded Randal> from a database... I can also see that here. Maybe state-to-class is Randal> dynamic based on current user ID or other security parameter? Really, Randal> there's policy there, and it's best to let that be plugged in. To further this, let's say I had a $big_client that needs to show a login page if the user isn't logged in, regardless of whatever "state" the ->get_state returns. They can override ->get_class to simply return the login page if not logged in, regardless of whatever state it's asked to show, and yet the old state is preserved for a "return to FOO link". And then the ->get_state can be changed from hidden fields to pathinfo without messing up the authorization section. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <merlyn@stonehenge.com> <URL:http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training! ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ cgi-prototype-users mailing list cgi-prototype-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/cgi-prototype-users