[phplib] login_if loop (was: Re: separate login form) From: giancarlo <email protected>
Date: 10/17/00

I was trying to find a workaround for the login_if($x) loop, tha one
that, once you (nobody) get in front of the loginform,and decide not to
regiter/login, cannot revert back to being 'nobody' again..

I found a solution in a past message wich does the work.

http://marc.theaimsgroup.com/?l=phplib&m=94269299705992&w=2

Don't ask me why, as the author of the wkaround himself seems not to
recall how he did it. Probably the session-cookie etc is reissued..

attached is the modified auth_validatelogin he's usin, adapted to phplib
7.x

Giancarlo
 

Matthew Leingang wrote:
>
> > Still confused
>
> So am I...can you rephrase the question?
>
> If you want to bail out of a login (for instance, if a default-auth user
> stumbles on a page with higher privileges), look at the cancel_login
> member of the auth class. That gives you a variable name which, if set,
> will interrupt the login process.
>
> If that is not your question please give an example of what you want to
> do.
>
> HTH,
> Matt
>
> ----------------------------------------------------------------
> Matthew Leingang http://www.math.rutgers.edu/
> Rutgers University leingang <email protected>
> Department of Mathematics "This signature needs no quote."
>
> On Tue, 17 Oct 2000 giancarlo <email protected> wrote:
>
> > The actual login form is produced by the auth object whenever needed.
> > This is useful 'cause by simply including tha auth object you get a
> > login prompt anywhere the user has not authenticated yet.
> >
> > But the 'nobody' stuff then doesn't allow to resign from logging in or
> > registering.
> >
> > So, if I wanted to have a well separate, stand alone login form, let's
> > say a well defined page somewhere under the document root, what should
> > it look like?
> > What should be the 'action' tag for it? What functions would the
> > 'action' script call to validate the input data?
> >
> >
> > Giancarlo
> >

  function auth_validatelogin() {
    global $username, $password, $mode;

    if (isset($mode) && $mode == "reg") {
      $this->mode = "reg";
      $this->auth["uname"] = $username;
      $this->auth["error"] = "Please fill in the required registration information. Thank you.";
      return false;
    }

        if(isset($username))
                {
                $this->auth["uname"]=$username; ## This provides access for "loginform.ihtml"
    }
##########
# added from
# http://marc.theaimsgroup.com/?l=phplib&m=94269299705992&w=2
#########
        else if ($this->nobody)
                { ## provides for "default login cancel"
                $uid = $this->auth["uname"] = $this->auth["uid"] = "nobody";
    return $uid;
    }
################
#end of addiction
###########
#####rest as otriginal
        $uid = false;
    
    $this->db->query(sprintf("select user_id, perms ".
                             " from %s ".
                             " where username = '%s' ".
                             " and password = '%s'",
                          $this->database_table,
                          addslashes($username),
                          addslashes($password)));

    while($this->db->next_record()) {
      $uid = $this->db->f("user_id");
      $this->auth["perm"] = $this->db->f("perms");
    }
    if ($uid == false)
      $this->auth["error"] = "Either your username or password are invalid.<br>Please try again.";
    else
      SetCookie("auth_username", $username, pow(2, 31)-1, "/");

    return $uid;
  }

# end orig#######

---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>