 |
 |
 |
 |
|
|
Date: 08/23/01
- Next message: John Lucas: "[phplib] Installation of PHPLIB"
- Previous message: giancarlo pinerolo: "[phplib] preexisting auth integration"
- Next in thread: Brian Popp: "RE: [phplib] stuff in the $sess->auth[] array"
- Maybe reply: Brian Popp: "RE: [phplib] stuff in the $sess->auth[] array"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
You know you can put all sort of stuff under there, under the
$sess->auth[] array.
It will last as much as your session, even less if you set an expire for
auth, so it will not be persistent. But next login can be reloaded..
And it will be visible, if you'll use php4 default session, which gets
stored in /tmp as a csv file..
So my question is:
what could you reasonably think to put there?
Someone wrote an extension to stock ACL permissions on objects that
would be stored there.
Others place the user full name and surname, or email.
In fact it can be an easy shortcut to defining a User class, and using
that instead. And can save some I/O as everything stays just in the
session record..
So one may think it is OK to store there things as 'how many more
salamis I can buy at discount price' or, for the vicious, 'list of
tables where I am authorized to gamble a free fiche'.
Missing guidelines for that. And this leads to more uncompatible auths.
I myself only recently realized that Auth and User were not
inter-dependent, so always coupled Auth with User, let Auth almost
untouched, and put stuff I needed into User.
- Gian
-- Abbestellen mit Mail an: phplib-unsubscribe <email protected> Kommandoliste mit Mail an: phplib-help <email protected>
- Next message: John Lucas: "[phplib] Installation of PHPLIB"
- Previous message: giancarlo pinerolo: "[phplib] preexisting auth integration"
- Next in thread: Brian Popp: "RE: [phplib] stuff in the $sess->auth[] array"
- Maybe reply: Brian Popp: "RE: [phplib] stuff in the $sess->auth[] array"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]