PHPBuilder.com, the best resource for PHP tutorials, templates, PHP manuals, content management systems, scripts, classes and more.

Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices
Hiermenus
DatabaseJournal
Technology Jobs

IT
Developer
Internet News
Small Business
Personal Technology
International

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

Covalent Extends Apache 2.0 to Microsoft ASP.NET
ShopWorX - Support for Windows
PHP Security Advisory: Vulnerability in PHP versions 4.2.0 and 4.2.1
Network Risk Assessment
Full-Featured, Java-Based Apache GUI

Partners & Affiliates

Revisited: Logging With PHP
An introduction to the ADOdb class library for PHP
Visual Verification in PHP
PHP Form Validation System: An Object-Oriented Approach
How to build a mailbot in PHP

[PHPLIB] 3 questions + banging my head to find a way to logout of app on every form From: Thomas Porter (txporter <email protected>)
Date: 04/05/00

Next message: Darryl Ross: "[PHPLIB] Interbase"
Previous message: Peter Holm: "[PHPLIB] function auth_preauth()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I have developed an application that lets a user log in, then creates a menu of
sub applications based on the permissions the user has in auth_user. The
"first" page in the app, is actually the menu page, which depends on the user
not being authenticated at first and invoking the auth_loginform() method to
display a login page, much like in the showoff.php3 included in the distro.

While I know that sessions will time out after a given time, I would like to
include a button or url at the bottom of my pages that will cause the session
to be destroyed and the user to be returned to the menu page, causing a new
login to take place.

I have tried messing around with the cancel_login variable, but am not clear on
how to use it, nor am I sure its the right thing to use to solve my problem.

I also tried setting up a link to a logoff.php3 (which produces no html) where
I issued a $sess->delete() after my page_open, then redirected to my original
menu page, but this does not seem to work properly.

Second Q. Am I right in thinking that when I go from one session managed page
to another, I have to use the $sess->url("foo.php3") construct in my
<a href=...> reference in order to get session data to pass along, or can I use
a straight URL of <a href="foo.php3">foo</a> so long as foo.php3 does a
page_open()?

Third Q. Is it possible, or even useful, to build code into
auth_validatelogin() that would detect if someone else was logged on with the
same userid as the person attempting to logon? Or would I not be able to tell
the difference between this and old sessions that had not been cleaned up by
garbage collection yet?

Last big conceptual question: What is the impact of the BACK button on session management? I have seen how at some times the back button takes me to a prior page, and at other times it generates a "data missing, press reload to repost" message.

-- Tom Porter txporter <email protected> ------------------------------------------------------------------------ "On two occasions I have been asked [by members of Parliament], 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question."

- PHP3 Base Library Mailing List. Send messages to <phplib <email protected>>. To unsubscribe, send "unsubscribe" to <phplib-request <email protected>> in the body, not the subject, of your message.

Next message: Darryl Ross: "[PHPLIB] Interbase"
Previous message: Peter Holm: "[PHPLIB] function auth_preauth()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]