Re: [PHPLIB] Another username issue From: Shawn Patton (shawn <email protected>)
Date: 02/09/00

Hello,

Your error was because you included the $ in $username:
If $username equals "joe" then you've just registered variable $joe.
The correct way would be:
$sess->register("username");
This should be changed in the docs.

But on the other hand the above is incorrect for another reason.
It is VERY insecure.

As stated in the phplib manual , never register invalidated form
data,( which username is).

Instead register the username after it is validated. In the example
classes in the distribution, the validated username is placed in
$auth->auth["uname"].

So you could register your user as follows:

$current_user = $auth->auth["uname"];
$sess->register("current_user");

Shawn

Louise wrote:

> Hi, i want to make $username available on all pages , protected or not,
> after the client has logged in successfully
>
> i tried $sess->register($username);
> after the user is logged in but that isn't working.. Is there a particular
> spot i should be putting it in? Or is it recorded as another variable??
>
> Sorry for the newbie question :)
>
> Louise
>
> -
> PHP3 Base Library Mailing List. Send messages to <phplib <email protected>>.
> To unsubscribe, send "unsubscribe" to <phplib-request <email protected>> in
> the body, not the subject, of your message.

-
PHP3 Base Library Mailing List. Send messages to <phplib <email protected>>.
To unsubscribe, send "unsubscribe" to <phplib-request <email protected>> in
the body, not the subject, of your message.