I am no longer hacking for UBB and do not offer any support for any of my hacks.

All messages that follow in this thread were added prior to this announcement, made on 5/14.

I will not respond to any support requests of any type, and no exceptions. Maybe someone else will take over login.cgi and keep the spirit going.

Please do NOT add any replies to this forum for support requests.

[ May 15, 2001 08:36 AM: Message edited by: JimGoldbloom ]

Sorry if I missed this..

But is there a way so that it would only kick them back to the login page if they were inactive for x number of y (hours, minutes, whatever). So if they were actively browsing the Board (reading, posting, etc) they would not be forced to log-in again.

I hope that was clear (?!), either way this addition to your already super hack sounds very cool, if for just making them log in every time they close the browser Damn the cookies!

Keep up the good work!

Naw, can't do the inactivity timer - that would require tracking clicks and a timer for each HTTP connection. Talk about horrific server load if it was maintained that way. Or it would require a fancy applet run client side and surely crash most people's machines or not work if Java disabled for a simply security bypass. Sorry, it's just not gonna happen. Cookie expiration is the name of the game for the most compatibility with fewest browser and client resources.

The hack itself is gonna be somewhat tricky, it'll have to read the cookie value and compare the present time with that time then display the difference. I will need to do some conversions of data and other things.

I plan on possibly adding in an optional javascript alert popup if admins want to warn usings of impending logout, i.e. "You have 5 minutes left", all wordlets of course.

Yes, you're right - I fully expect the "session only" to be a very popular setting. The other values could be useful for educational or business oriented setups, just to name two likely possibilities.

-jim

Jim, this is what I have been waiting for - I did email you about this under a different name a few weeks ago But I think I could make myself understood to what I was after - LOL

Nice one mate - i'm rocking now

FYI to all: I uploaded a new image so do a refresh or dump cache and see the new snapshot in the previous post. I updated it 8pm EST 4/28. I may update it again if I add more stuff... kinda cool way to see what I am doing!

Polestar:


I hear ya. I was waiting until Infopop was finally somewhat finished with their source. It's more stable now in terms of basic cookie handling. This is gonna be one helluva kick-ass beta, I promise you.

I am testing the basics on my own forum and it's working, remarkably.

-Jim

[ April 28, 2001 06:59 PM: Message edited by: JimGoldbloom ]

This is a work in constant progress. I am just teasing some of you! heh

[ May 12, 2001 02:36 PM: Message edited by: JimGoldbloom ]

Looking REALLY nice, I visited your Forums to check it out. Keep us updated on the progress! I am looking forward to a Beta.

Jim,
Something else I would like to see in your script would be that the last login time for a user was stored in a profile field. I would love to have the login script check that field either instead of or in addition to a cookie so that members who use different computers would have their lightbulbs in synch on any computer they use.

Amy

Amy... I mentioned that specifically earlier in this conversation. I am probably going to wait until UBB 6.1 comes out before I mess with profile fields since they're gonna be changing alot of source which may affect profiles in one form or another.

Let's deal with cookies, for this beta. One step at a time... one step at a time!

-Jim

Good work Jim - This gets better by the day.

Yeah... you know tonight I will work on adding in cookie settings for specific access levels (guest/new user, junior member, member, moderator) and admin will default to 2 years. Maybe it's a little overkill, but it's not that hard to do and why the heck not? It's kinda wild.

I'm struggling with determining how long until a cookie has until it expires (i.e. "you have 30 minutes left") - by comparing present time to expire time. I'm trying to do this without setting another cookie.

-jim

Tonight I added in the following:

• Set time limit for guests
• Set time limit for "Junior Members"
• Set time limit for "Members" (access level)
• Set time limit for "Moderators"
• Administrators automatically get 2 years (maximum allowed) and custom "Unlimited Time" wordlet
• New members and folks who click on lost pwd links are session only

The way it works (so far) is I added some info onto the ubber cookie at login so the forum knows the access level without having to do any disk work on the server. Cool, huh?

Still to do...

• Logging of expiration event when forced logout occurs (not too hard)
• Time remaining displayed to the right of max time alloted
• Problem - if access level is increased during session, a new cookie is not created - problem if configured other than "session only"

I'm not too concerned about the problem stated above, I suspect most folks will want session only and most folks don't even remain online that long. In a perfect world the cookies would be dynamically created. Infopop doesn't update theirs, please note.

I should be ready in about a week or so. This beta is gonna scare some folks and hopefully get Infopop thinking also.

-Jim

You still got me dribbling Jim, good work.

Check out this example log...


04-30-2001 07:51 PM Login: Guest (Posting Prohibited) IP: 24.28.194.9 (24-28-194-9.mf.cox.rr.com)
03-30-2001 08:42 PM Forced logout: [Time limit expired]: Guest (Posting Prohibited) IP: 24.28.194.9 (24-28-194-9.mf.cox.rr.com)


Just to show you some cool stuff, in the above log example I went in as a guest and then later it kicked me out and logged me accordingly. I allow guests 30 minutes.

Other changes... I updated a few things to make it fully strict compatible, and I also changed the cookie delete routine so it works even better than before. Betas give me a chance to fix minor crap, basically.

Anyway, I am perfecting external mode and next up is transparent mode. I don't think the "time remaining" feature will make it into this first beta. That one is gonna be a pain to do.

BTW, as a test I used both NS and MSIE and basically set the clock ahead on my computer. I then tried to do something on my forum and it kicked me right back to my login screen as it should. Then I tried to bypass security and could not get back in unless I properly logged in.

It's coming along nicely. FYI.

-Jim

[ May 01, 2001 06:59 PM: Message edited by: JimGoldbloom ]

I am not too into the whole "force logging", but I am sure you can turn it off, so I will be fine.

What's forced logging?

You mean forced logout? Well, both are optionally, actually. You can enable or disable the log globally - or turn on/off specific events. Forced logout is optional also, you can set cookies for 2 years and I doubt someone will stay on your forum non-stop for 2 years! That's the default UBB setting. Or, you can set session only, which means they stay on as long as their browser is open and on your forum.

The one thing I make sure of is... all settings are options.

BTW, folks, I just added in a Javascript Alert dialog when users get timed out and kicked out. It's a wordlet, of course so you can customize!

Each successive post takes the anticipation meter up another notch! The horror! Sounds really, really nice.

The Time Remaining sounds really nice, I hope you manage to get it working (I have no doubts!)

Speed directed me to this hack... I gotta say it looks really sweet. Excellent job Jim!

Please see 1st message in this thread.

I am no longer code hacking and do not support any of my hacks. Thanks and cya.

[ May 15, 2001 08:37 AM: Message edited by: JimGoldbloom ]