Re: [PHPLIB] auth_validatelogin() From: Roman Kalenjuk (rimo <email protected>)
Date: 12/10/99

Yep! :) I've managed things almost the same way. But this way
brings some dependencies. What should we do with a new version of
PHPLib for example? Rewriteing our auth.inc will fail the reg_system of a
project. May be PHPLib team will offer the solution in future releases, may be
we should find the right way
by ourselves and contribute it.

BTW: I've got small and cute :) function wich does not allow to
login as same user at the same time from different hosts. You may wish to do so
if you are selling the content of you site & affraid of
many_users_using_one_login_situation. May be
it will be usefull for somebody. You may tune it behavior by playing with
$sess->gc_time , $sess->gc_probability, $auth->liftime values.

^^^^^^^^^^^^^^^^^^^^ CUT ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
#
# page_open() with sess, auth and user features must be used first
#
# $access_denied_handler is the name of the php script.
# <? echo "Access Denied"; exit; ?> for example.

function Single_Session_Check ($access_denied_handler)
{
  global $sess, $user, $REMOTE_ADDR, $_REG_REMOTE_ADDR, $_REG_SESS_ID;

    if((isset($_REG_REMOTE_ADDR) && isset($_REG_SESS_ID)) && ($_REG_REMOTE_ADDR
!= $REMOTE_ADDR || $_REG_SESS_ID != $sess->id))
    {
     include($access_denied_handler);
    }else{
     $_REG_REMOTE_ADDR = $REMOTE_ADDR;
     $_REG_SESS_ID = $sess->id;
     $user->register("_REG_SESS_ID");
     $user->register("_REG_REMOTE_ADDR");
    }

}

^^^^^^^^^^^^^^^^^^^^^^^CUT^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Regards,
Rimo

Bryan McGuire wrote:

> I was wrong!!!!
>
> The problem with switching modes between "reg" and "log" is that $auth->mode
> isn't persistant. If you change the mode and force it to do
> auth_registerform() , it still gets submitted back to auth_validatelogin()
> instead of auth_doregister(). I finally did get it to work the way I
> expected, but I had to modify setup() in auth.inc like this:
>
> $this->db = new $class;
> }
> ////////////////////// these lines added by Bryan McGuire
> if (!isset($this->auth["mode"])) $this->auth["mode"]="log"; #default is
> "log"
> $this->mode=$this->auth["mode"];
> ////////////////////// end of modification.
> # Check current auth state. Should be one of
>
> I also added the following line to the end of unauth():
>
> $this->auth["mode"]="log";
>
> In the beginning of my auth_validatelogin() I have the following code to
> check whether the registration form needs to be drawn:
>
> if ($new=="yes")
>
> $this->unauth();
> $this->nobody = false;
> $this->auth["mode"] = "reg";
> $this->start();
> }
>
> And at the end of my auth_doregister() I have it do this before returning
> the uid.
>
> $this->auth["mode"] = "log";
>
> -
> PHP3 Base Library Mailing List. Send messages to <phplib <email protected>>.
> To unsubscribe, send "unsubscribe" to <phplib-request <email protected>> in
> the body, not the subject, of your message. 

--
Roman Kalenjuk [Rimo]
-----------------------------[rimo <email protected>]
Internet Development & Unix System Administration

-
PHP3 Base Library Mailing List. Send messages to <phplib <email protected>>.
To unsubscribe, send "unsubscribe" to <phplib-request <email protected>> in
the body, not the subject, of your message.