Re: [phplib] login page help From: Cresta Johnson (cjohnson <email protected>)
Date: 06/12/01

Jesse,

I appreciate all your help with this. In your previous message you described
what I want to do perfectly, but I'm kind of lost on how to implement it the
way you suggested.

Here is the code from the auth.inc file:

  function auth_preauth() { return false; }

Does this function do anything but return false? Do I need to add to this
function to have it check authorization and start a session? Is your
auth_preauth function different than the one above?

TIA - again! :)

Cresta

----- Original Message -----
From: "Jesse Swensen" <swensenj <email protected>>
To: "giancarlo pinerolo" <giancarlo <email protected>>; <phplib <email protected>>
Sent: Thursday, July 12, 2001 6:28 PM
Subject: Re: [phplib] login page help

> Well this is not true. If on your index page you do not have it auth, no
> harm. On this page is a small form with a user id and password. When
this
> form is submitted you use auth. The page_open function is called first
> think, like you should and the auth module is included.
>
> What happens next is dependant on your subclass of auth. If in your
> subclass you have a auth_preauth method, it gets called first. So, in
your
> preauth method you have it look for the form variable expected from the
> index page and use those values to do the authorization. If it succeeds,
> you pass back the uid of the user and all is good to go. No login page.
> But, if the values fail or where not supplied at all, the preauth fails
and
> you get the regular login page.
>
> It works very well and there is no need for default auth or any other
"Hocus
> pocus".
>
> Good luck....
> --
> Jesse Swensen
> swensenj <email protected>
>
> > From: giancarlo pinerolo <giancarlo <email protected>>
> > Organization: navigare.net
> > Date: Thu, 12 Jul 2001 15:34:25 +0200
> > To: phplib <email protected>
> > Subject: Re: [phplib] login page help
> >
> > If you use the built in auth or you proper preauth doesn't make a
> > difference.
> >
> > when you include user and auth, if not logged on already, a login page
> > will come out.
> > And if you don't include them, you won't be able to know wheter he's
> > logged in already or not.
> >
> > Hiding login and password is not a good choice.
> >
> > As I said, you must use default_authentication, so all the features of
> > user and auth are there, and you check if he's 'nobody' or 'someone'
> >
> > Giancarlo
> >
> > Jesse Swensen wrote:
> >>
> >> This functionality is already built into PHPLib. Use the auth_preauth
> >> method in your subclass of Auth. Auth_preauth always gets called first
and
> >> returns either a uid, in which your user is authorized and your
application
> >> goes on it's merry way. Or it returns false, in which the regular
> >> authorization takes place, by bringing up you login page, etc...
> >>
> >> So, you can do anything it the auth_preauth method to authorize the
user.
> >> Maybe you have a user id/password on your index page and auth_preauth
check
> >> for the existence of those variables and uses them to do the
authorization.
> >> If they don't exist returns false.
> >> --
> >> Jesse Swensen
> >> swensenj <email protected>
> >>
> >>> From: "Cresta Johnson" <cjohnson <email protected>>
> >>> Organization: Dzign Studio
> >>> Reply-To: "Cresta Johnson" <cjohnson <email protected>>
> >>> Date: Wed, 11 Jul 2001 16:48:33 -0600
> >>> To: <phplib <email protected>>
> >>> Subject: [phplib] login page help
> >>>
> >>> Hi All!
> >>>
> >>> I was wondering if it was possible to have a login page that wasn't
> >>> protected by the phplib auth/perm functions? What I want to do is have
a
> >>> "quick" login button on the index page of my site (which wouldn't be
> >>> protected) and after verifying the login information would redirect
the user
> >>> to another page that is protected by the phplib auth/perm functions.
What
> >>> I've tried to do so far is to send the user & password (via html
> >>> form)directly to the page (that's protected) & I've also tried to send
the
> >>> information to another php script that processes the information &
then
> >>> redirects to the protected page. Either way, I am still having the
> >>> login.ihtml page invoked. Is there anyone that's done this before and
has a
> >>> code sample that I can look at?
> >>>
> >>> Thanks so much!
> >>>
> >>> Cresta
> >>>
> >>>
> >>> --
> >>> Abbestellen mit Mail an: phplib-unsubscribe <email protected>
> >>> Kommandoliste mit Mail an: phplib-help <email protected>
> >>>
> >>
> >> --
> >> Abbestellen mit Mail an: phplib-unsubscribe <email protected>
> >> Kommandoliste mit Mail an: phplib-help <email protected>
> >
> > --
> > Abbestellen mit Mail an: phplib-unsubscribe <email protected>
> > Kommandoliste mit Mail an: phplib-help <email protected>
> >
>
>
>
> --
> Abbestellen mit Mail an: phplib-unsubscribe <email protected>
> Kommandoliste mit Mail an: phplib-help <email protected>
> 

-- 
Abbestellen mit Mail an:   phplib-unsubscribe <email protected>
Kommandoliste mit Mail an: phplib-help <email protected>