Fixed bug #3509665 - Grid editing does not work after session expires#10
Fixed bug #3509665 - Grid editing does not work after session expires#10roccivic wants to merge 1 commit intophpmyadmin:masterfrom
Conversation
|
@1: Those are not checks, but rather initialisations of variables. Since I moved the 'is_ajax_request' variable initialisation to the top of the page and the 'grid_edit' is similar and logically belongs together with 'is_ajax_request', I moved both. Also have a look at the part of the commit where I'm removing the lines from, it reads: @2: Good point, I'll look at how to change the pull request in a minute. Nope, IMO not possible. Link: A user might have some data that he/she changed in the grid edit, so the grid editing locks the user in "editing mode". A user though will naturally attempt to click the link, but instead of being redirected to the login page makegrid will just attempt to save the data again and the same message will pop up again. To be able to click the link the user will have to press "Esc" first and then click. Redirect: This, IMO, is out of the question as it will have to be implemented on client side and will have to be coded in every place where JS processes AJAX responses. Again, the user will also lose unsaved data... |
|
This actually needs to be though through a bit better since there areas in our code base where requests that contain the "ajax_request=1" parameter actually expect HTML in the reply and sending a JSON reply to them might break things. |
Link to bugtracker: https://sourceforge.net/tracker/index.php?func=detail&aid=3509665&group_id=23067&atid=377408
What I did in the commit is move the initialisation of the 'is_ajax_request' (and 'make_grid', since they logically belong together) global variable to the top of common.inc.php where other variables are initialised, so that lower down in this file it can be checked in a standard way if we are dealing with an AJAX request.
Then if that's the case and the user is not authenticated, just reply with a "Session expired" message encoded as JSON.
Bye,
Rouslan