PHPBuilder.com, the best resource for PHP tutorials, templates, PHP manuals, content management systems, scripts, classes and more.

Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices
Hiermenus
DatabaseJournal
Technology Jobs

IT
Developer
Internet News
Small Business
Personal Technology
International

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

Covalent Extends Apache 2.0 to Microsoft ASP.NET
ShopWorX - Support for Windows
PHP Security Advisory: Vulnerability in PHP versions 4.2.0 and 4.2.1
Network Risk Assessment
Full-Featured, Java-Based Apache GUI

Partners & Affiliates

In Case You Missed It...The Week of January 23, 2006
Dreamweaver MX 2004
MySQL Date and Time Functions, Part 1
SQLite Support for PHP4
Date Manipulation in Php

Re: [phplib] login page help SIMPLE! From: giancarlo pinerolo (giancarlo <email protected>)
Date: 07/13/01

Next message: giancarlo pinerolo: "Re: [phplib] login page help: My conclusion"
Previous message: giancarlo pinerolo: "Re: [phplib] login page help SIMPLE!"
In reply to: giancarlo pinerolo: "Re: [phplib] login page help SIMPLE!"
Next in thread: giancarlo pinerolo: "Re: [phplib] login page help: My conclusion"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

giancarlo pinerolo wrote:
The problem with default authentication is that, once you adopt it,
your
> programming changes, because you cannot rely opn simply including 'user'
> and 'auth' o tob, but you need to check if the visitor is 'nobody' or
> someone logged in, whenever you use it. Only that.

I explain this of mine:
With default authentication, by including:

$perm->check("user");

you have the same funcionalities (blocking not 'real' users) you'd had
without default authentication, because the special user 'nobody'
doesn't have 'user' permissions.

If, instead, at any point in your script you want to display some
personalized content, dependin on the fact that the user is someone
logged in or 'nobody', you use the

if($auth->is_nobody())

method

All this is much more powerful than a Yes/No permission scheme

Giancarlo

>
> But this influences all your scripts, and if you get it right from the
> beginning (default authentication On), you're ok forever, if you
> understand it late, you have to change all your scripts.
>
> That's why I'd had set it as the default, and had created an
> Example_Auth that already had default authentication in in, and had
> explained in the doc that, if you don't mind having the possibility to
> check if someone is authenticated or not, you could use another
> Example_Resticted_Auth that enforced a Yes/No scheme, where only
> authenticated user could go, like what you can get with
> .htaccess/.htpasswd settings
>
> Giancarlo
>
> I myself wrote:
> >
> > In fact preauth bypasses all permission check, unless you set ther
> > $auth->auth[perm] value in it.
> > You cannot rely on things like
> >
> > $perms->check("user") or $perms->check("admin")
> >
> > after it, if you don't set that.
> >
> > Deafult authhentication
> >
> > This is a great feature, not a fake authentication as it may sound.
> >
> > If, at any point, you want to check (only check, not force him to login)
> > if the actual visitor is logged in or not, and conditionally show him
> > some personalized component or not, you can do it only with default
> > authentication.
> >
> > I dunno way the didn't make it the default.
>
> --
> Abbestellen mit Mail an: phplib-unsubscribe <email protected>
> Kommandoliste mit Mail an: phplib-help <email protected>

-- 
Abbestellen mit Mail an:   phplib-unsubscribe <email protected>
Kommandoliste mit Mail an: phplib-help <email protected>

Next message: giancarlo pinerolo: "Re: [phplib] login page help: My conclusion"
Previous message: giancarlo pinerolo: "Re: [phplib] login page help SIMPLE!"
In reply to: giancarlo pinerolo: "Re: [phplib] login page help SIMPLE!"
Next in thread: giancarlo pinerolo: "Re: [phplib] login page help: My conclusion"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]