From: ben r. <ben...@co...> - 2004-03-31 20:19:54
|
Almar, Since you have some kind of user database, you are likely more interested in the appropriate userID from that database than you are in the actual autoID from the session module. I'd recommend ignoring autoID and just use the session.auto variable to store that userID or perhaps the username itself. Change the login action to: =============== loginaction.spy =============== [[.import name=session args="'session_dir','/tmp', auto=10000"]] [[\ username = request['username'] password = request['password'] ## do database stuff here. validate the password and ## get userID from user database session.auto = userID ]] <br><br> </body></html> ================================ testforsession.spy (include this on every page requiring login) ================================ [[.import name=session args="'session_dir','/tmp', auto=10000"]] if (not session.auto) or (session.auto==0): redirect.external(site_root+"login.spy") else: userID = session.auto -Ben Ringold -----Original Message----- From: spy...@li... [mailto:spy...@li...]On Behalf Of Elmar Bschorrer Sent: Wednesday, March 31, 2004 12:29 PM To: spy...@li... Subject: [Spyce-users] session question hi, how can i use session-handling for authentication??? what i have done so far is...: -------------------------------------------------- form.html - the login form ######### <html> Login: <p> <form action="loginaction.spy" method="POST"> Name: <input type="text" name="userName"><br> Password <input type="password" name="password"><br> <input type="submit"> </form> </html> -------------------------------------------------- loginaction.spy - test if user is known to system, here create a session ################ without checking for correct username and password [[.import name=session args="'session_dir','/tmp', auto=10000"]] [[\ ## create new session and print it print session.autoID ]] <br><br> ## submit sessionID as url-param <a href="test.spy?session=[[=session.autoID]]">link</a> </body></html> -------------------------------------------------- testforsession.spy - check if the submitted session id is valid ################## [[.import name=session args="'session_dir','/tmp', auto=10000"]] <html><body> [[\ sessionID = request.get1('session') print sessionID,"<br>" ##this works fine! num = session.get(sessionID) print num ]] </body></html> ---------------------------------------------------- hmmm, num is "None" - what am i doing wrong?? tia tom -- +++ NEU bei GMX und erstmalig in Deutschland: TÜV-geprüfter Virenschutz +++ 100% Virenerkennung nach Wildlist. Infos: http://www.gmx.net/virenschutz ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Spyce-users mailing list Spy...@li... https://lists.sourceforge.net/lists/listinfo/spyce-users |