[sldev] RFC: design proposal for VWR-1071

Melinda Green melinda at superliminal.com
Tue Jul 14 16:07:51 PDT 2009

Previous message: [sldev] RFC: design proposal for VWR-1071
Next message: [sldev] RFC: design proposal for VWR-1071
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Mike Monkowski wrote:
> Cypren Christenson wrote:
>   
>> * The use of a combo box for the first field, with selection setting
>> the contents of multiple fields, may be confusing. Any other options
>> here that would be more intuitive while also keeping the aesthetic
>> sensibility of the existing login screen would be welcome.
>>     
>
> How about auto completion?
>   

Hey, that's a great idea! It would require a tricky special 
implementation of auto-complete that would offer matching first+last 
name pairs and then on acceptance would separate them to fill in the 
other text boxes, but that UI would likely be more natural to a new user 
than an editable drop-down field. This still requires a way for users to 
erase entries from the list but I think my previous suggestion of tying 
that action to unchecking the "remember password" check box might work.

>> * Possible security concerns with the characters selected for the
>> delimiters. With LLPanel::childSetPrevalidate to filter characters
>> from input, the worst-case scenario seems to be that a malicious user
>> could edit settings files and induce boost::tokenizer to fail to parse
>> the string correctly. In that event, we would simply clear the
>> relevant fields. Are there other concerns I'm missing?
>>     
>
> I think the settings are FirstName and LastName.  I don't see the 
> password in the settings file.  But instead of mashing everything 
> together, you could create setting called FirstNameAlt1, FirstNameAlt2, 
> LastNameAlt1, LastNameAlt2, ...  You'd have to make sure that you move 
> the names up the list when one gets deleted, otherwise you wouldn't know 
> where to stop, since I don't think the settings lookup allows a wildcard.

This would be new data. I like Cypren's suggestion to mash it all 
together into a single (new) string value rather than as separate 
settings and/or places that would only need to be gathered all together 
anyway. For compatibility, I suppose it could look for the old 
First/Last Name settings when the new setting is not found but I don't 
see that as important.

Good luck!
-Melinda

Previous message: [sldev] RFC: design proposal for VWR-1071
Next message: [sldev] RFC: design proposal for VWR-1071
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the SLDev mailing list