PHPBuilder.com, the best resource for PHP tutorials, templates, PHP manuals, content management systems, scripts, classes and more.

Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices
Hiermenus
DatabaseJournal
Technology Jobs

IT
Developer
Internet News
Small Business
Personal Technology
International

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

Covalent Extends Apache 2.0 to Microsoft ASP.NET
ShopWorX - Support for Windows
PHP Security Advisory: Vulnerability in PHP versions 4.2.0 and 4.2.1
Network Risk Assessment
Full-Featured, Java-Based Apache GUI

Partners & Affiliates

SQLite Support for PHP4
Table types in MySQL: Part 2 - InnoDB Tables
Templates: The PHPLib Way
PEAR's HTML_QuickForm
Using PHP Error Handling

Re: [phplib] login page help From: Lazaro Ferreira (lazaro <email protected>)
Date: 07/13/01

Next message: Dieter Rossnagl: "[phplib] sessionproblem mit php4 auf BSD"
Previous message: Giancarlo Pinerolo: "Re: [phplib] login page help"
In reply to: Cresta Johnson: "Re: [phplib] login page help"
Next in thread: giancarlo pinerolo: "Re: [phplib] login page help"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Cresta you should subclass

function auth_preauth() { return false; }

to anything like this

function auth_preauth()
{
(any code that set $uid )
return $uid;
}

NOTE:
$uid is the variable that holds the unique user identifier a 32 bit string generated by Auth class upon registration ('nobody' IS NOT a valid uid value), so the valid $uid value has to exist before using auth_preauth function

Hope this help
Lazaro

----- Original Message -----
From: Cresta Johnson <cjohnson <email protected>>
To: Jesse Swensen <swensenj <email protected>>; giancarlo pinerolo <giancarlo <email protected>>; <phplib <email protected>>
Sent: Wednesday, June 13, 2001 4:34 AM
Subject: Re: [phplib] login page help

> Jesse,
>
> I appreciate all your help with this. In your previous message you described
> what I want to do perfectly, but I'm kind of lost on how to implement it the
> way you suggested.
>
> Here is the code from the auth.inc file:
>
> function auth_preauth() { return false; }
>
> Does this function do anything but return false? Do I need to add to this
> function to have it check authorization and start a session? Is your
> auth_preauth function different than the one above?
>
> TIA - again! :)
>
> Cresta
>
> ----- Original Message -----
> From: "Jesse Swensen" <swensenj <email protected>>
> To: "giancarlo pinerolo" <giancarlo <email protected>>; <phplib <email protected>>
> Sent: Thursday, July 12, 2001 6:28 PM
> Subject: Re: [phplib] login page help
>
>
> > Well this is not true. If on your index page you do not have it auth, no
> > harm. On this page is a small form with a user id and password. When
> this
> > form is submitted you use auth. The page_open function is called first
> > think, like you should and the auth module is included.
> >
> > What happens next is dependant on your subclass of auth. If in your
> > subclass you have a auth_preauth method, it gets called first. So, in
> your
> > preauth method you have it look for the form variable exp
ected from the
> > index page and use those values to do the authorization. If it
succeeds,
> > you pass back the uid of the user and all is good to go. No login page.
> > But, if the values fail or where not supplied at all, the preauth fails
> and
> > you get the regular login page.
> >
> > It works very well and there is no need for default auth or any other
> "Hocus
> > pocus".
> >
> > Good luck....
> > --
> > Jesse Swensen
> > swensenj <email protected>
> >
> > > From: giancarlo pinerolo <giancarlo <email protected>>
> > > Organization: navigare.net
> > > Date: Thu, 12 Jul 2001 15:34:25 +0200
> > > To: phplib <email protected>
> > > Subject: Re: [phplib] login page help
> > >
> > > If you use the built in auth or you proper preauth doesn't make a
> > > difference.
> > >
> > > when you include user and auth, if not logged on already, a login
page
> > > will come out.
> > > And if you don't include them, you won't be able to know wheter he's
> > > logged in already or not.
> > >
> > > Hiding login and password is not a good choice.
> > >
> > > As I said, you must use default_authentication, so all the features of
> > > user and auth are there, and you check if he's 'nobody' or 'someone'
> > >
> > > Giancarlo
> > >
> > > Jesse Swensen wrote:
> > >>
> > >> This functionality is already built into PHPLib. Use the
auth_preauth
> > >> method in your subclass of Auth. Auth_preauth always gets called
first
> and
> > >> returns either a uid, in which your user is authorized and your
> application
> > >> goes on it's merry way. Or it returns false, in which the regular
> > >> authorization takes place, by bringing up you login page, etc...
> > >>
> > >> So, you can do anything it the auth_preauth method to authorize the
> user.
> > >> Maybe you have a user id/password on your index page and auth_preauth
> check
> > >> for the existence of those variables and uses them to do the
> authorization.
> > >> If they don't exist returns false.
> > >> --
> > >> Jesse Swensen
> > >> swensenj <email protected>
> > >>
> > >>> From: "Cresta Johnson" <cjohnson <email protected>>
> > >>> Organization: Dzign Studio
> > >>> Reply-To: "Cresta Johnson" <cjohnson <email protected>>
> > >>> Date: Wed, 11 Jul 2001 16:48:33 -0600
> > >>> To: <phplib <email protected>>
> > >>> Subject: [phplib] login page help
> > >>>
> > >>> Hi All!
> > >>>
> > >>> I was wondering if it was possible to have a login page that wasn't
> > >>> protected by the phplib auth/perm functions? What I want to do is
have
> a
> > >>> "quick" login button on the index page of my site (which wouldn't be
> > >>> protected) and after verifying the login information would redirect
> the user
> > >>> to another page that is protected by the phplib auth/perm functions.
> What
> > >>> I've tried to do so far is to send the user & password (via html
> > >>> form)directly to the page (that's protected) & I've also tried to
send
> the
> > >>> information to another php script that processes the information &
> then
> > >>> redirects to the protected page. Either way, I am still having the
> > >>> login.ihtml page invoked. Is there anyone that's done this before
and
> has a
> > >>> code sample that I can look at?
> > >>>
> > >>> Thanks so much!
> > >>>
> > >>> Cresta
> > >>>
> > >>>
> > >>> --
> > >>> Abbestellen mit Mail an: phplib-unsubscribe <email protected>
> > >>> Kommandoliste mit Mail an: phplib-help <email protected>
> > >>>
> > >>
> > >> --
> > >> Abbestellen mit Mail an: phplib-unsubscribe <email protected>
> > >> Kommandoliste mit Mail an: phplib-help <email protected>
> > >
> > > --
> > > Abbestellen mit Mail an: phplib-unsubscribe <email protected>
> > > Kommandoliste mit Mail an: phplib-help <email protected>
> > >
> >
> >
> >
> > --
> > Abbestellen mit Mail an: phplib-unsubscribe <email protected>
> > Kommandoliste mit Mail an: phplib-help <email protected>
> >
>
>
> --
> Abbestellen mit Mail an: phplib-unsubscribe <email protected>
> Kommandoliste mit Mail an: phplib-help <email protected>
>
>

-- 
Abbestellen mit Mail an:   phplib-unsubscribe <email protected>
Kommandoliste mit Mail an: phplib-help <email protected>

Next message: Dieter Rossnagl: "[phplib] sessionproblem mit php4 auf BSD"
Previous message: Giancarlo Pinerolo: "Re: [phplib] login page help"
In reply to: Cresta Johnson: "Re: [phplib] login page help"
Next in thread: giancarlo pinerolo: "Re: [phplib] login page help"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]