Re: [phplib] Default Authentication, $nobody and confusion From: Padraic Renaghan (list <email protected>)
Date: 07/20/00

* Dave Tilley <dave <email protected>> [Jul 20 12:08pm]:
> However, i am pulling my hair out trying to understand how this "default
> authentication" and $nobody works!

I just fought through this same issue a few days ago converting my
bookmarker software to use default authentication. It to has some
pages requiring "real" auth and others where "nobody" is fine.

I found that I needed to add a couple of functions to my subclass of
Auth in local.inc:
  function is_nobody() {
    if ($this->auth["uid"] == "nobody") {
      return TRUE;
    } else {
      return FALSE;
    }
  }
  
  function login() {
# if not already logged in, then call std login_if function
    if ($this->is_authenticated()
    && ! $this->is_nobody() ) {
      return TRUE;
    } else {
      return $this->login_if(TRUE);
    }
  }

I then use "$auth->login();" in my pages that require a "real" login.
My custom login() function says... If the user is already
authenticated and that authentication is not the nobody user, then let
the page proceed, otherwise prompt for a "real" login.

The problem with calling login_if directly from your page is that it
does not check to see if you are already logged in before asking for a
login. It really just _forces_ a login no matter what. The wrapper
login() function that I wrote checks to see if you are already
authorized before forcing the login.

The is_nobody() function isn't strictly necessary, but I found it
helpful for use in login() and other parts of my code where I want to
know if the user is "real" or "nobody". 

-- 
Padraic Renaghan /pad-rik ren-a-han/ 
padraic <email protected>
ICQ# 9437815
http://renaghan.com/pcr

---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>