>> I was hoping to be able to change my directory structure for >> qmailadmin like this: >> >> www.hostname.com/qmailadmin/index.cgi (the qmailadmin cgi script) >> www.hostname.com/qmailadmin/images/ (images directory) >> www.hostname.com/qmailadmin/help/ (the help files)
How are you planning on getting rid of "/cgi-bin/"? Can we make it so both of the following end up in the login page?
www.hostname.com/qmailadmin/index.cgi
www.hostname.com/qmailadmin/
WITHOUT changes to the default httpd.conf?
I've had resistance to PHP code that required special settings in the apache configuration. I don't have a problem with it, but one client can't do it, so I had to do many things a lot differently for him. You may have more choices on a dedicated mail server, but who knows. Personally I'd never give mere mortals shell/ftp access to _anything_ on my mail server, and certainly not host non email web pages on it, it seems others aren't so picky, or are unable to have separate boxes for web and mail.
>> Then, it would be possible to just go to >> http://www.hostname.com/qmailadmin/ and log in. For this to work >> though, the URLs need to be built slightly differently. Instead of >> appending "/com/showmenu?user=##U...", it should append >> "?com=showmenu&user=##U...".
That's pretty easy now. One of my changes in the templates replaces the common "user=##U&dom=##D&modu=##A&time=##T" with "##W". We can do this in just ##W now. Moving that info to the session file would be even better.
I have a pretty good handle on PHP session handling, and what you described sounds very similar. One thing, they assure me time is not a good choice, and prefer a MD-5 hash of several items to make the session keys harder to guess. I agree.
>> Also note that the two cases of that huge if/then/else have a lot of >> common code.
I have! That _is_ on my list. I already have too many changes at one
time, and want to get what I've done recorded in CVS before I do too much more.
>> I've wanted to pull that out so it's only called once. >> Again, it should be possible to collapse the first and last cases >> after(removing the second) into a single bit of code. You just go >> through the last code case if the com parameter isn't set.
One thing that is very important to me is making sure header.html and footer.html are ALWAYS sent. This probably involves breaking up send_template(), and using send_template_now() instead. (Then rename send_template_now() to send_template().)
Overall, I think we have similar ideas. How about branching CVS and
giving me write access to the development branch. 1.2.0 should be a
branch, and development should be HEAD. I think that's how they do it
in the PHP project, and it seems to work well. (I hope you know how to do it, I'm pretty
new to CVS too.
>> The filename is built from the 'time' parameter in the URL.
Login time or last access time? Is this what is used to limit the duration of unused session?
>>>> Is the color table something that is being added, or ignored? Some
>>>> existing code uses it, but not much. Should I expand its use or
>>>> remove it?
>
>>
>> It should probably be removed and the HTML should be updated extensively
>> to use CSS.
YES!!
Philipp Wagner posted some comments on this thread. I am thinking that once the new templates are stable we should ask him to modify the templates and build a plain jane .css file for QmailAdmin that would become the official distribution template. I am not up to doing the .css stuff, but I don't object to having it, as long as it doesn't require Javascript to render the page properly.
