Re: [Phplib-users] Re: [phplib] current users?
Brought to you by:
nhruby,
richardarcher
From: giancarlo p. <gia...@na...> - 2001-08-22 21:18:50
|
Ben Curtis wrote: > > No, I do not mean preauth, I mean what I said -- default auth, as according to the phplib documentation. By using var $nobody in my extension of the Auth class, default authentication is used when someone browses to the public pages of phpBugTracker. When a user chooses to login, I check for that form submission -- note, I do not use login_if() -- and process the login by calling my extension of auth_validatelogin(). http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/~checkout~/phpbt/phpbt/include.php?rev=1.37&content-type=text/plain Gave a look at that. Nice hacks there.. as if (!$username) return 'nobody'; or if (!$q->num_rows()) { return 'nobody'; ;-)) But if I were to integrate that into my existing auth, I confess I'd get quite stuck. I don't use the email as login. And I see that you don't use the 'user' storage class. That could be a more suitable place to store things like 'bug_list_fields', first name, last name, etc., instead of extending the sess[auth] array... The idea should be: extend what you want, but leave and use the (any) existing auth. Add users and grups to the auth tables if you need. Stuff like: lists of prerogatives, permission/permitted on objects, allowed paths or visitable documents, whatever, should stay in user. Apart from hat, I think you decided to provide your particular auth extension because of the way 'page' and 'forms' where displayed... which would confirm my opinion. The invasive handling of form interaction by auth, obliges a package writer to provide his own. Which is absurd. - Gian > As far as integration is concerned, since I extend the Auth class as per the phplib documentation, a user wanting to integrate my package with the rest of his code would just replace my auth_validatelogin(), either by editing or by changing the class extension. My installation instructions do tell the user to install phplib if not already installed, and that's all they have to do, since I extend the basic Auth class. > > Perhaps you should take a look at what I've done to see how I've done it. > > On Wed, Aug 22, 2001 at 06:26:20PM +0200, giancarlo pinerolo wrote: > > Ben Curtis wrote: > > > > > > For all the discussion about this type of functionality on this phplib list and the previous one, it's really not that difficult to implement. I have a login area on every page with my application, phpBugTracker (http://phpbt.sourceforge.net/). All you have to do is use the default auth and handle the login form yourself instead of relying on auth_loginform(). > > > > I suppose you mean 'auth_preauth' instead of 'default auth'.. > > > > That?'s Ok. but when someone installs your package on a site that > > already has phplib, but doesn't use preauth (or uses his devidsed form > > of), > > he's going to have big problems integratig the two, mostly if he, > > logically, > > wants to keep its base of current users (and groups in the near future) > > > > For me the very first, next logical thing to auth is keeping a log of > > logins/logouts. More than handling the form interaction, which is > > something that I'd throw out to the application side. > > > > Your application should tell the admin: > > if you don't hae already, pick-up and install phplib, with any auth you > > like (crc/no crc, log/reg, md5/no_md5. Do as you like). > > Then add new groups of users, ar extend the existing ones, to provide > > the desired permission to work with muy phpBugTraq app. Of course, do > > not use preauth. > > > > I mean, this is the idea. Would this make any sense with the way your > > package works? > > > > Giancarlo > > > > > > > > On Wed, Aug 22, 2001 at 09:00:07AM -0400, Stephen Woodbridge wrote: > > > > giancarlo pinerolo wrote: > > > > > > > > > > What I propose is to make Auth a very aseptic class. Kind of > > > > > client-server. Loosely coulpled. No html ouptut, no form handling. That > > > > > stuff should be handled, eventually, by the application, maybe in > > > > > > > > [snip large and useful post] > > > > > > > > I am sorry, I did not comment earlier, but I thought you were right on > > > > track with your ideas and suggestions. > > > > > > > > I have wanted to create a login capability similar to PHP-Nuke (ie: > > > > login form on the pages rather than a separate page) for my phplib > > > > applications. I will try to use your ideas and the code you supplied on > > > > your post here. > > > > > > > > Thank you for your efforts and contibutions to the list. > > > > > > > > -Steve > > > > > > > > _______________________________________________ > > > > Phplib-users mailing list > > > > Php...@li... > > > > http://lists.sourceforge.net/lists/listinfo/phplib-users > > > > > > _______________________________________________ > > > Phplib-users mailing list > > > Php...@li... > > > http://lists.sourceforge.net/lists/listinfo/phplib-users > > > > > > _______________________________________________ > > Phplib-users mailing list > > Php...@li... > > http://lists.sourceforge.net/lists/listinfo/phplib-users > > _______________________________________________ > Phplib-users mailing list > Php...@li... > http://lists.sourceforge.net/lists/listinfo/phplib-users |