"Phillip J. Eby" wrote:
At 08:47 AM 8/6/99 +0100, Tony McDonald wrote:
So, I put some logic at the top of standard_html_header like so:
<!--#if "AUTHENTICATED_USER=='AnonUser'"--> <!--#call "RESPONSE.redirect('denied')"--> <!--#/if--> <html> <head> etc etc
And I *still* get the main page showing up and telling me I'm AnonUser (ie the page I get is what I should see if I'm ValidUser).
Does standard_html_header do some other voodoo that isn't plainly obvious?
No. The problem is that:
<!--#if "AUTHENTICATED_USER=='AnonUser'"-->
Should be:
<!--#if "AUTHENTICATED_USER.name=='AnonUser'"-->
Because AUTHENTICATED_USER is a user *object*, not a string. The string representation of a user object is its .name attribute, but if you try to just compare a user object to a string, it will always fail.
Actually: <!--#if "_.str(AUTHENTICATED_USER)=='AnonUser'"--> is better, because it doen't rely on the name attribute. Jim -- Jim Fulton mailto:jim@digicool.com Python Powered! Technical Director (888) 344-4332 http://www.python.org Digital Creations http://www.digicool.com http://www.zope.org Under US Code Title 47, Sec.227(b)(1)(C), Sec.227(a)(2)(B) This email address may not be added to any commercial mail list with out my permission. Violation of my privacy with advertising or SPAM will result in a suit for a MINIMUM of $500 damages/incident, $1500 for repeats.