Re: [PHPLIB] login form on every page From: David Tiselius (david.t <email protected>)
Date: 11/10/99

Donncha O Caoimh wrote:
>
> Has anyone tried to put a login form on each page of a web site using
> phplib?
> At the moment I'm trying to let users login no matter where they are on
> the web site.
> I put a page_open command in prepend.inc and defined my own session,auth
> and perms classes.
> I had to hack around auth_loginform() a bit and added the following
> line:
>
> include("PATH_TO_DOCUMENT_ROOT".$PHP_SELF);
>
> in the function so it would feed out the same page and not
> loginform.ihtml..
> Of course, each page has a form with username,password and action=self
> so a user can login.
>
> Unfortunetly, most variable got lost in loginform() so they had to be
> "global"ised in the function and I had to run through HTTP_POST/GET_VARS
> and do $$key=$value..
>
> I ran across two problem though:
> phpinfo() stops dead just before it prints the "Environment" when a user
> isn't logged in.
> Works grand otherwise.
> I tried phpAds and that blows up when a user isn't logged in. I did some
> debugging and the $GLOBAL array isn't set when someone isn't logged in.
> Obviously, when someone is logged in, they don't have to go through
> loginform() but surely the variables should still exist.
>
> Complex to explain, but maybe someone had this trouble before?
>
> For the record, I'm using php 3.0.11, phplib 6.1, and Apache 1.3.6
>
> Donncha.
> -
> PHP3 Base Library Mailing List. Send messages to <phplib <email protected>>.
> To unsubscribe, send "unsubscribe" to <phplib-request <email protected>> in
> the body, not the subject, of your message.

I'm not sure if I've understod your problem, or if this is any help,
but...

I'm currently working on a similar thing (having a login-section on each
page, unless the visitor is already logged in of course), and it seems
to work the way I want.
I just made a new subclass to challenge_auth for this (ie I still use
Example_session and have never touched start_page()) and the changes are
all in the login_if() function.
That way the user can log out but the session i still "alive" (and
that's where the $GLOBALS array's kept - isn't it?).

My login_if() in the subclass to challenge_auth looks like this:

  function login_if($attempt) {
      global $sess, $username, $password;

      $challenge = md5(uniqid($this->magic));
      $sess->register("challenge");

    if ($attempt && ( "nobody" == $this->auth["uid"])) {
      $uid = false;
      $uid = $this->auth_validatelogin();
    }
         
    if($uid) {
      $this->auth["uid"] = $uid;
      $this->auth["uname"] = $username;
    }
    return $challenge;
}

I catch $challenge on the page
(
page_open(array("sess" => "st_st_Session",
                "auth" => "st_st_Challenge_Auth",
                "perm" => "st_st_Perm"));
$challenge = $auth->login_if($username);
)
so it can be used in the loginform later on the page. 

-- 
............................
 David Tiselius
 david.t <email protected>
 ICQ: 45809232
............................
-
PHP3 Base Library Mailing List. Send messages to <phplib <email protected>>.
To unsubscribe, send "unsubscribe" to <phplib-request <email protected>> in
the body, not the subject, of your message.