Re: [phplib] login page help From: Jesse Swensen (swensenj <email protected>)
Date: 07/12/01

Well this is not true. If on your index page you do not have it auth, no
harm. On this page is a small form with a user id and password. When this
form is submitted you use auth. The page_open function is called first
think, like you should and the auth module is included.

What happens next is dependant on your subclass of auth. If in your
subclass you have a auth_preauth method, it gets called first. So, in your
preauth method you have it look for the form variable expected from the
index page and use those values to do the authorization. If it succeeds,
you pass back the uid of the user and all is good to go. No login page.
But, if the values fail or where not supplied at all, the preauth fails and
you get the regular login page.

It works very well and there is no need for default auth or any other "Hocus
pocus".

Good luck.... 

-- 
Jesse Swensen
swensenj <email protected>

> From: giancarlo pinerolo <giancarlo <email protected>>
> Organization: navigare.net
> Date: Thu, 12 Jul 2001 15:34:25 +0200
> To: phplib <email protected>
> Subject: Re: [phplib] login page help
> 
> If you use the built in auth or you proper preauth doesn't make a
> difference.
> 
> when you  include user and auth, if not logged on already, a  login page
> will come out.
> And if you don't include them, you won't be able to know wheter he's
> logged in already or not.
> 
> Hiding login and password is not a good choice.
> 
> As I said, you must use default_authentication, so all the features of
> user and auth are there, and you check if he's 'nobody' or 'someone'
> 
> Giancarlo
> 
> Jesse Swensen wrote:
>> 
>> This functionality is already built into PHPLib.  Use the auth_preauth
>> method in your subclass of Auth.  Auth_preauth always gets called first and
>> returns either a uid, in which your user is authorized and your application
>> goes on it's merry way.  Or it returns false, in which the regular
>> authorization takes place, by bringing up you login page, etc...
>> 
>> So, you can do anything it the auth_preauth method to authorize the user.
>> Maybe you have a user id/password on your index page and auth_preauth check
>> for the existence of those variables and uses them to do the authorization.
>> If they don't exist returns false.
>> --
>> Jesse Swensen
>> swensenj <email protected>
>> 
>>> From: "Cresta Johnson" <cjohnson <email protected>>
>>> Organization: Dzign Studio
>>> Reply-To: "Cresta Johnson" <cjohnson <email protected>>
>>> Date: Wed, 11 Jul 2001 16:48:33 -0600
>>> To: <phplib <email protected>>
>>> Subject: [phplib] login page help
>>> 
>>> Hi All!
>>> 
>>> I was wondering if it was possible to have a login page that wasn't
>>> protected by the phplib auth/perm functions? What I want to do is have a
>>> "quick" login button on the index page of my site (which wouldn't be
>>> protected) and after verifying the login information would redirect the user
>>> to another page that is protected by the phplib auth/perm functions. What
>>> I've tried to do so far is to send the user & password (via html
>>> form)directly to the page (that's protected) & I've also tried to send the
>>> information to another php script that processes the information & then
>>> redirects to the protected page. Either way, I am still having the
>>> login.ihtml page invoked. Is there anyone that's done this before and has a
>>> code sample that I can look at?
>>> 
>>> Thanks so much!
>>> 
>>> Cresta
>>> 
>>> 
>>> --
>>> Abbestellen mit Mail an:   phplib-unsubscribe <email protected>
>>> Kommandoliste mit Mail an: phplib-help <email protected>
>>> 
>> 
>> --
>> Abbestellen mit Mail an:   phplib-unsubscribe <email protected>
>> Kommandoliste mit Mail an: phplib-help <email protected>
> 
> -- 
> Abbestellen mit Mail an:   phplib-unsubscribe <email protected>
> Kommandoliste mit Mail an: phplib-help <email protected>
> 

-- 
Abbestellen mit Mail an:   phplib-unsubscribe <email protected>
Kommandoliste mit Mail an: phplib-help <email protected>