Re: [Phpslash-devel] Dumb auth question
Brought to you by:
joestewart,
nhruby
Menu
▾
▴
Re: [Phpslash-devel] Dumb auth question
|
From: nathan r. h. <na...@ds...> - 2003-04-02 21:05:37
|
On Wed, 2 Apr 2003, Joe Stewart wrote: > On Tue, Apr 01, 2003 at 08:44:27PM -0800, nathan r. hruby wrote: > > > > This is really dumb. I have a site, I login as god (with 'root'perm) or > > as my admin user will all but root and nobody set. $auth->nobody is > > always 1. Clues? > > > > slashAuthCR.class: > > var $nobody = true; > > > > I don't see anyplace where's is explicitly unset, so I;m wondering if it;s > > not jsut carrying over from the session. > > > > auth->nobody allows public access. > > The "nobody" user is used after someone is identified. Then what > public access is allowed can be changed by the "nobody" group's > permissions. > I think this is me being dyslexic. IIRC, in phplib $auth->nobody was a boolean shorthand to determine if the current $auth object is authenticated as a user, or if we're operating as a default user and looking through the auth.inc class seems to beack this up. this may have chnaged recently, at this point Joe, youd know better than I. So the correct method for determinig the user is still to check $auth->['uid'] == 'nobody' I though phplib did away with this a longtime ago (maybe now we're supposed to check $auth->['username']?) Again, me being kinda stupid. -n -- ------ nathan hruby na...@ds... ------ |