Re: [phplib] Authenication From: Dima Nemchenko (Dima.Nemchenko <email protected>)
Date: 08/01/01

Matt Gregory wrote:

> What is it that determines whether an authenication has expired?
> I have set lifetime to 300, but it has no effect. I still have
> to login, unless I use a session->url() URL.
>
> How do I pass authentication information from page to page? How
> should I code my pages so that it doesn't need GET variables?
> I can use hidden_session on data entry forms, right? Or do I
> not need that? I've stuck all my links in url() calls, but on
> forms I need POST and GET variables, and I don't think that's
> going to work. Plus, I would like for the pages to be
> bookmarkable.
>
> Thanks for any help
> Matt
>
> --
> Abbestellen mit Mail an: phplib-unsubscribe <email protected>
> Kommandoliste mit Mail an: phplib-help <email protected>

Hi Matt,

This is what I think I know--anyone who knows better, please correct me
if I'm wrong.

You need Sess for Auth to work. That's how PHPLib keeps track of who you
are. sess will use cookies if possible, but reverts to GET/POST if not.
As such, it's best to use sess->url() and, POST variables on your forms,
throughout, unless you are willing to drop all those who don't have
cookies enabled.

Hope this helps (and even makes sense!), 

--

:D_ima
Dima Nemchenko <Dima.Nemchenko <email protected>>

"Open source code is like lobster--most people who haven't tried it
don't like the way it looks. But those who try it, love it."