|
From: nathan r. h. <na...@ds...> - 2001-09-17 17:51:06
|
Gian, Please make your discussion on the SF Tracker for this, not on the list as not everyone is subscribed to this lsit, and certianly the user who submitted the bug won't see your reply. I'll be turning this list to readonly shortly.. I though it was already... -n On Mon, 17 Sep 2001, giancarlo pinerolo wrote: > Then problem of authenticating here is when no input is given as > 'username'. > When the returned uid is 'nobody', Auth does count anymore, and all the > funcionalities and more, that belonged to Auth, pass to $perm->. It is a > bit strange that we have two, I'd say completely, different methods of > checking access: without 'nobody', Auth does the job. With 'nobody' Auth > does nothing, the functions pass to checking $perm, and is something > that influences a lot when people, after an initial Auth_only scenario, > someone wants to upgrade a site's Phplib to User and Default_Auth. In > fact Suddenly nothing works. I think this should be evidenced in the > doc. > > Giancarlo > > > no...@so... wrote: > > > > Bugs item #460463, was opened at 2001-09-10 14:27 > > You can respond by visiting: > > http://sourceforge.net/tracker/?func=detail&atid=403611&aid=460463&group_id=31885 > > > > Category: None > > Group: None > > Status: Open > > Resolution: None > > Priority: 5 > > Submitted By: Richard Archer (richardarcher) > > Assigned to: Nobody/Anonymous (nobody) > > Summary: Default Auth "cancel" button > > > > Initial Comment: > > Reposted from -users list: > > > > I need a little help with a problem I'm having. It's > > probably really simple, > > but I can't seem to hack my way through it. > > > > I am using default authentication on a site. I have a > > link at the top of the > > page that can be used to login. When you click the > > link, it takes you to a > > page that does a: > > > > page_open(...); > > $auth->login_if ( $auth->auth[uid] == "nobody" ); > > page_close(); > > > > This pulls up auth's corresponding login dialog. The > > problem is, I have a > > cancel button on this dialog. No matter what I put > > behind the cancel, I > > can't get rid of the login dialog (unless I enter a > > valid username and > > password). I'm currently trying to make the cancel > > button link to a logout > > page that does: > > > > my_page_open(); > > $auth->logout (true); > > my_page_close(); > > > > But this doesn't work. The logout page apparently > > generates another login > > page before it gets to the logout() function. > > > > Thanks in advance for ANY help! > > > > -bpopp > > > > ------------------------------------------------- > > > > But there a specific name for that cancel button, > > default I think > > 'cancel_button', specified in the Auth var $cl. Did you > > use that name > > for the input field/link_querystr? Then method start of > > Auth (that is > > any phplib Auth'd page) should take care of that. No > > need for a special > > ACTION > > > > also see: > > http://marc.theaimsgroup.com/?l=phplib&m=94269299705992&w=2 > > > > dunno if it's already in the code. > > -Gian > > > > -------------------------------------------------- > > > > List: phplib > > Subject: Re: [PHPLIB] Bailing out of loginform.ihtml? > > From: Mike Green <Mik...@sa...> > > Date: 1999-11-15 18:58:54 > > [Download message RAW] > > > > Well, maybe I'm not quite tuned in to your problem, but > > if I am the following > > could help: > > > > I use have modified the function auth_validatelogin() > > given in the sample > > local.inc (local.inc,v 1.23 1999/08/25 11:40:48 kk) so > > that the first few lines > > are: > > > > function auth_validatelogin() { > > global $username, $password; > > if(isset($username)) { > > $this->auth["uname"]=$username; ## This > > provides access for > > "loginform.ihtml" > > }else if ($this->nobody){ ## > > provides for "default > > login cancel" > > $uid = $this->auth["uname"] = > > $this->auth["uid"] = "nobody"; > > return $uid; > > } > > $uid = false; > > ... > > > > [instead of > > function auth_validatelogin() { > > global $username, $password; > > if(isset($username)) { > > $this->auth["uname"]=$username; ## This > > provides access for > > "loginform.ihtml" > > } > > $uid = false; > > ... > > ] > > > > As I study what I've done here I can see that it > > suffers from a classic case of > > insufficient documentation. When I created this > > ("hack"?!) I think I figured > > out what needed to be done and did this. Now that I > > look at it I'm cannot > > explain it -- except that it is working :-) ... or > > should that be a ;-(... > > > > Cheers! > > > > Mike > > > > ---------------------------------------------------------------------- > > > > Comment By: James Wigdahl (jwigdahl) > > Date: 2001-09-16 19:34 > > > > Message: > > Logged In: YES > > user_id=294845 > > > > I've done all this and it's still not working for me. > > > > I have a page "page.php" that opens as such: > > > > ### PROTECTED PAGE ### > > > > <?php > > > > if (isset($HTTP_GET_VARS["l"])) { > > $l = $HTTP_GET_VARS["l"]; > > } > > if (isset($HTTP_POST_VARS["cancel_login"])) { > > $cancel_login = $HTTP_POST_VARS["cancel_login"]; > > $l = 0; > > } else if (isset($HTTP_GET_VARS["cancel_login"])) { > > $cancel_login = $HTTP_GET_VARS["cancel_login"]; > > $l = 0; > > } > > > > require ("../inc/config.php"); > > > > page_open( array( "sess" => "Wg_Session", "auth" => > > "Wg_Default_Auth")); > > > > if ($cancel_login) { > > $auth->nobody = true; > > } > > $auth->login_if($l); > > > > [stuff] > > > > ?> > > ### END OF PROTECTED PAGE ### > > > > There is a link on this page, that if clicked, reloads the > > page as "page.php?l=yes" which effectively triggers the > > login_if() and presents the login form specified in > > auth_loginform() of my Auth subclass. > > > > My login form looks like the following: > > > > ### LOGIN FORM ### > > > > [stuff] > > > > <a href="<?php $sess->purl("page.php?cancel_login=yes"); ?>"> > > Go back to the protected page</a>. > > <form method="post" name="cancel" action="<?php $sess-> > > purl(); ?>"><input type="submit" name="cancel_button" value= > > "Go Back"></form> > > > > [stuff] > > > > ### END OF LOGIN FORM ### > > > > I have added the following code to auth_validatelogin() of my > > subclassed Auth as indicated at http://marc.theaimsgroup.com/ > > ?l=phplib&m=94269299705992&w=2 (thank you Gian): > > > > ### STUFF ADDED TO auth_validatelogin() ### > > > > if (isset($username)) { > > $this->auth["uname"] = $username; // This provides access > > for "loginform.ihtml" > > } else if ($this->nobody) { // Provides for default > > login cancel > > $uid = $this->auth["uname"] = $this->auth["uid"] = > > "nobody"; > > return $uid; > > } > > > > ### END STUFF ADDED TO auth_validatelogin() ### > > > > I have even explicitly set "var $cancel_login = > > "cancel_login";" in my Auth subclass. > > > > I am still unable to get the login process to cancel whether > > I click the link on the login page, or whether I click the > > button named "cancel_button". No matter where I go, I just > > get the login page. > > > > I have begun delving into auth.inc into the code that's > > supposed to make this happen, but I haven't found why this is > > failing yet. Anyone have any ideas? > > > > ---------------------------------------------------------------------- > > > > You can respond by visiting: > > http://sourceforge.net/tracker/?func=detail&atid=403611&aid=460463&group_id=31885 > > > > _______________________________________________ > > Phplib-trackers mailing list > > Php...@li... > > https://lists.sourceforge.net/lists/listinfo/phplib-trackers > > > > _______________________________________________ > Phplib-core mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phplib-core > -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- nathan hruby / digital statement na...@ds... http://www.dstatement.com/ Public GPG key can be found at: http://www.dstatement.com/nathan-gpg-key.txt ED54 9A5E 132D BD01 9103 EEF3 E1B9 4738 EC90 801B -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- |