World: r3wp

What's the problem with sessions? I'm not using PHP native sessions, 
It's just cookies anyway, you send something which identifies it 
on the other side. If someone say, that Rebol is bad, because there 
are no sessions, must be totally crazy. You don't even use cookies, 
you can send the id as a POST/GET variable. With Rebol I have much 
more control over the process. You can make SERVER in Rebol, but 
You cannot do that in PHP. So what, everything has it's own purpose.

I know - but then some ppl would have to understand what is behind 
the sessions - and there really is not magic :-)

I've just added a script to REBOL.org that offers session support 
in a CGI environment:

http://www.rebol.org/cgi-bin/cgiwrap/rebol/view-script.r?script=acgiss.r

Documentation: http://www.rebol.org/cgi-bin/cgiwrap/rebol/documentation.r?script=acgiss.r

And, yes, Petr, it really isn'y magic......Though I hope it is debugged. 
Please let me know otherwise.

Session ID management can be very simple as this script : http://www.ladyreb.org/wiki/doku.php?id=safe-session.r

This script offer some protection against replay attack.

Thanks C. It is really easy isn't it?

The main differences between your approach and mine that I can see 
are:
1. you hold all data in one file; mine uses one file per session

2. you create just a cookie; mine creates a session record in which 
the CGI script can save data

Either way, the scripts demonstrate that the problem is really trivial 
-- with the one need to create unique and hard-to-guess session ids. 
 We've both put some serious code into doing that.

Hi. Is it possible Google does not index properly our http://www.jablunkovsko.cz
site, because links to particular subsites are burried in java-script 
menu? I created account with google, and checked my robots.txt allows 
engine to visit my site ....

should I create sitemap in my google account for the particular domain?

example - try site:http://www.jablunkovsko.czbowling .... in google 
- only one link will show, whereas I would like the result to include 
(go to menu) "sport a relaxace"/bowling ....

pekr, link to site is dead

petr, why not just including a simple html links somewhere in the 
page? you can even hide it with js, so that a user does not see the 
links, but a spider will.

yes, that should work ... although I can imagine hiding the links 
... I will try to look at sitemap protocol - seems to be a standard 
...

Javascript only links will stop pretty much every spider.....So you 
won't appear in many search engines at all.

You will also be breaking a lot of people's assistive technologies 
(like screen readers for visually disabled people).

Best to have a site that is fully navigable via plain HTML links. 
Then add the clever stuff on top of that.
Google's advice:

http://www.google.com/support/webmasters/bin/answer.py?answer=35769
http://www.google.com/support/webmasters/
***

A high score here usually means you have  a person-friendly and spider 
friendly website:
http://www.cynthiasays.com/

Also, look up 'Progressive Enhancement' or 'Hijax', both describe 
techniques consistent with Sunanda's advice.

thanks for advices - initially my friend maight use Gabriele's advice 
of storing hidden links into index.html somewhere, so that search 
engine can index the site properly.

But bear in mind the *specific* advice on the Google page:
<<Avoid hidden text or hidden links.>>

Is building and submitting a purpose built crawler page an outdated 
technique?

It must be easy enough to generate one in Rebol

..but it seems to be dissaproved of by Google

Search engines like to index things a user can see.

Thye get suspicious of anything that appears to be built just for 
the.....No surprising given how much they have been gamed by SERPS 
spammers.

Having a human-readable site map has the same effect as a crawler 
page *and* taks you a long way towards having a site that is navigable 
by people under any conditions.
***

The google-approved method of doing a crawler page is to use what 
they call a sitemap:
http://www.google.com/support/webmasters/bin/topic.py?topic=8476

Someone could easily modify Carl's site-checker to emit a google 
sitemap:

http://www.rebol.org/cgi-bin/cgiwrap/rebol/view-script.r?script=site-check.r

How to reset variables sent from a form using POST method without 
redirecting into new page? I mean how to prevent, that using reload 
will resend the values again. I usualy just set location to other 
page after processing, but now I have case when I need to display 
informations without change of the location. I think I've seen somewhere 
that it's possible using http response, but cannot find it:(

I'm not sure of a single http header designed for this purpose.  
There are cache controls, but how long to set them for?  Or etags/if-none-match, 
but would that prevent the browser's resend warning?  Or a token 
value in your form that expires after one submission, though also 
would not prevent the resend warning.  Or sessions?

never mind, I will do it in the way I do it usually, that means redirect 
to other page after processing of the upload

if there is nothing, you could id  the page and block further  replies 
 with the same id.

Volker, that is etags...

i guess i am clueless and beter  stop spamming. what is etags?^^

compare the post values to the last sent post values?

Etags should work like this: client requests a resource, server returns 
resource and etag header.  Client again requests resource, but this 
time sends if-none-match header with etag value and server can then 
decide whether to process the request or send 304 not changed.  I 
haven't explored this much so don't know how well it's supported 
-- I'm not sure how appropriate the solution is, but would involve 
the least server activity.

ah

the problem is, that if you are posting large file, it's not too 
good, as all file is first uploaded again and than you can decide, 
if you want it to store for example. I though I sow something, but 
maybe it was just a fata morgana, I thing, that the best is the redirect. 
My problem is, that I'm trying to connect on database, which was 
not designed by me, so there is no crypted id for the data I upload, 
just incremental integer, which I don't want to use, as I would give 
chance to everybody go thru the data just inserting other numbers. 
I have to take a risk, modify the original database adding ne column 
with crypted id and redirect to the uploaded data using this id. 
And hope, that I will find and modifie all places, where is this 
database used:(

reload resends post data? I thought that to resend post data you 
have to press submit button :-)

nevertheless now I understand why I sometimes get double posts with 
some chat boards :-)

It depends on which browser you are using -- they have different 
behaviours in this area.

Hmm, im using http-tools , I login to a page which sends a cookie 
which I then have to send back everytime, however the cookie seems 
to expire after one post :/

anyone user http-tools off of rebol.org ?

REBOL's POST , GET etc really need re-working -- for an IT aware 
language posting to websites id ridicoulously hard

is*

charles, welcome to reality !  In theory rebol supports many protocols 
but in practice the support is incomplete and it has been incomplete 
for a long time. check rebol.org, there are several patches for cookies 
support

I wrote http-tools, but haven't used it for years.

you normally need to send the cookie each time ... that's what browsers 
do

yes, I am sending it each time, but for some reason it seems to only 
like the first request, after that it expires , or something else 
is going wrong ... Id really like to see a client with transparent 
support for cookies

are you getting a redirect from the second page ... that is followed 
without the cookie

oldes did something on transparent support ..

so did I .. but that was long ago.

Yes, I did, and if you scroll a little bit up, you can find the link 
easilly - it's in big yellow block of text:) And I agree, that it 
would be good to have cookies support directly in Rebol, as my cookies-daemon 
is relly hard hack I cannot be sure that it would not rewrite some 
future http protocol updates

Has anyone tried to solve at least some basic anti-spam form protection? 
I mean - those numbers/letters you have to rewrite to your form field, 
in order to be processed? Will it work with rebface at least, if 
my Linux server has no X-Win installed?

I want to do some small post-card system for my friend. He can't 
program much and adapted small php solution, but that solution is 
so basic, that it even does not randomize postcard number in presented 
link ... so you can cange your url and get access to someone's else 
message. That is imo unacceptable.

What I really like is www.view-card.com system. It is able to embedd 
images directly into email's body (not an attachement), but I found 
out, that most freemails has html email displaying turned off by 
default ....

had anyone done an email address validation according to rfc 2822? 
Well, I mean email adress part? Our to-email "whatever-stupidity-you-write-here423423423-rebol-considers-being-an-meail@{{}}}]//" 
is kind of funny :-)

I thought datatypes should be usefull, and there is exactly precise 
description of what is, and what is not email, so how Rebol can simplify 
it so much?

Not quite an email address validator, but the REBOL.org uses an email 
address spotter [contributed by Andrew Martin] to find and obsfucate 
email addresses in ML messages, etc.

You could use the same basic parse patterns to identify / validate 
email addresses. 

I haven't checked RFC 822 in detail, so it is likely that Andrew's 
code is more liberal than the actual spec, but it could be a starter.
Would you like a copy of the function?