RE: [phplib] Extending authentication? From: Bryan McGuire (joefriday <email protected>)
Date: 08/13/00

Let's say your local.inc has something like:

Class My_Auth extends Auth {
  var $classname = "My_auth";
  var $lifetime = 15;
  [yada yada yada ...]
}

You could also put something like this into your local.inc:

Class My_Other_Auth extends My_Auth {
  var $classname = "My_Other_Auth";
  var $lifetime = 45;
}

Now all you have to do is call page_open with "auth"=>"My_Other_Auth"
when you want the page to get 45 minutes.

-----Original Message-----
From: Matthew Leingang [mailto:leingang <email protected>]
Sent: Sunday, August 13, 2000 9:08 AM
To: PHPLIB mailing list
Subject: [phplib] Extending authentication?

Hello,

I've been using PHPLIB for a couple of months now and love it. I have
a
question about the best way to extend a user's authentication lifetime
for
a single page.

I have an application which allows people with "author" privileges to
write articles for the site. The editing form appears, they type in,
pull down, push buttons...presto, an article goes in the database.
The
trouble is that sometimes it takes a long time to compose the actual
article text, and their authentication expires. On submitting the
article, they go back to the login page, and the article is now lost
because relogging in calls the page again with new post variables.

So what I need is a way to make sure that if the author is editing an
article, his authentication will last a little longer, like an hour
instead of 15 minutes.

I really just want to do something like

<?php
 $auth->auth["exp"] += 45*60 // for 45 minutes more authentication
time
?>

That's only page specific, because the next call to page_open will set
the
expiration time back to "$auth->lifetime minutes from now."

But auth is an "internal" variable, and the documentation even says
that
this field "must not be tampered with." I guess I'm wondering how
"bad"
it would be to do that. I know that internal class members aren't
guaranteed to stay the same from version to version, but I could
control
the damage by coding the above into an method of the Auth class (or my
extension thereof).

So if my solution is improper, what would be better?

Schoene Gruesse von einem heissen, wolkigen Boston,
Matt

----------------------------------------------------------------
Matthew Leingang 617/495-2171
Harvard University leingang <email protected>
Department of Mathematics "This signature needs no quote."

---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>

---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>