Re: [PHPLIB-DEV] "nobody" default authentication after login_if() From: Massimiliano Masserelli (negro <email protected>)
Date: 11/24/99

On Wed, Nov 24, 1999 at 02:15:09AM -0600, Adam N. Thompson, MCNE wrote:
 AT> If we call login_if() to allow a "nobody" user to log in, then the
 AT> user clicks the "back" button...
 AT> They aren't returned to "nobody" status - they are forced to log in.
 AT> The call to unauth() inside login_if() causes this, of course, but is
 AT> there any way to prevent it?

Yes, but it is a bit tricky. I mean, when the login form is displayed, the
uid is no longer "nobody" or "2097vdskjh0ds09dus" or "", but "auth". This
means that we have presented a form and we should validate the form
input. To exit from this state, you have to set a global, which by default
is $cancel_login (but you may change the name via $auth->$cancel_login) in
all public pages. If you think your users are a bit smarter, provide a
"cancel" button in the loginform.ihtml which calls
$sess->url("a/public/page.php3?cancel_login=1").

Bye. 

--
     Massimiliano Masserelli       |     URL:    http://www.interim.it/
     Internet Images S.r.l.        |     Tel:    +39-051-3390671
     vicolo Viazzolo, 3            |     Fax:    +39-051-557890
     40124 - Bologna - Italy       |
-------------------------------------------------------------------------------
Uva, s.f.:
	Frutta che abbronza.
		-- Da it.hobby.umorismo
-
PHPLIB Developers Mailing List. Send messages to <phplib-dev <email protected>>.
To unsubscribe, send "unsubscribe" to <phplib-dev-request <email protected>> in
the body, not the subject, of your message.