Howdy list, Sam, I'm wanting to add the ability to log back in and restore an expired session to sqwebmail.
I'm pretty sure I know how I want to do it now too. Let me know if anyone sees any obvious problems with this idea (security, implementation, etc...): This functionality is basically designed to allow users to log back in WITHOUT loosing any emails they were composing when their session timed out. From what I've seen, it looks like the create message page submits everything using POST, but this idea could be adapted with just a bit more work to accomodate GET requests also. Basically, my idea is to simply save the contents of the POST request (or GET request) to a file in the user's home directory _IF_ the hard timeout has _NOT_ been exceeded, but the soft-timeout _HAS_ been exceeded. Let's call this file ".sqwebmail-saved" for the sake of discussion. We then display a special "Login to Resume Session" page. Let's call this page resume.html for the sake of discussion. Anytime a user logs in with the login.html, expired.html, or invalid.html page we delete ".sqwebmail-saved". We could also delete this file after the hard timeout from the clean cache perl script. But, if the user logs in using the new resume.html page, AND their session's hard-timeout has NOT been exceeded, we take the data from the .sqwebmail-saved file and use it to replace all current CGI GET and POST data. Sounds pretty simple to me. What thinks the list? -- Jesse Guardiani, Systems Administrator WingNET Internet Services, P.O. Box 2605 // Cleveland, TN 37320-2605 423-559-LINK (v) 423-559-5145 (f) http://www.wingnet.net
