Forum OpenACS Q&A: Javascript Popup Login

I am looking for code to do a popup.
...not just any code, Elegant code!
Here is what I'd like:

From a page open to an un-registered user
this user clicks on a link to a registered user
area, A popup box appears with the name/email/cookie
etc. request. (the /register/ page).

If errors, the message is shown in the same popup window
so that it can be corrected...(ex: 'First name required')
If successful, the popup goes away and the original full
screen browser is redirected to the registered user content.

One annoying thing about popup windows is that they
can get hidden if the main brower is clicked. It's there
but hidden and inexperienced useres don't know to click
on the task bar...

Also, you may try to convince me not to use Javascript
popups.... Will they work with 99.9% of browsers currently
in use?

-Bob

We're just wrapping up a project (built on ACS4) that has a lot of important functionality in popups, including the sort of thing you describe here - you have no idea how much you don't want to go down that path... Unless your client (you?) is absolutely set on it, I'd suggest not trying to retrofit that sort of interface onto ACS.

If you're set on it, I can offer some suggestions to do what you're after, but it won't be elegant by any stretch of the imagination.

You can avoid the "clicked in the main window and now I've lost
the popup" situation by using IE's window.showModalDialog() to
open a window that will hold focus untill it is closed, if you're
willing to tie yourself to IE... I presume the same behaviour can
be obtained with window.setZOptions() or onBlur="focus()" type
stuff.

There are 3 solutions I can see to your particular requirement,
none of which are particularly apealing to me.

Given that opening a new window for the login sequence can be
triggered by a) clicking on a link with an appropriate onClick
handler or target attribute, or b) an onLoad handler in a page -

a) can be achieved by ensuring every link presented to the user
has been modified to do the right thing (open login popup) if the
user doesn't have correct privileges to view the target page. The
general way to do this would be to give the request processor or
templating system knowledge of what pages are potentially
restricted and have it/them rewrite links on the fly in served
pages, but it'd probably be easier to manually go through every
page that might potentially link to restricted content and add
permission-checking logic there (I wouldn't want to maintain
somethink like that). The problem with both of these aproaches
is you're requiring someone else (individual pages or
RP/templating) to know the authorization status of every page in
the site instead of allowing individual pages to make up their
own minds when actually loaded.

b) allows you to keep privilege information in a page it affects
instead of pages that link to it, but you've lost the interaction
advantage of popping up a window saying "you need to login to
do that [OK] [Cancel]" and allowing a user to not follow the link.
Your interaction is then exactly the same as the standard ACS
process, and the popup gains you nothing in useability, so why
bother?