[Phplib-users] stuff in the $sess->auth[] array
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
[Phplib-users] stuff in the $sess->auth[] array
|
From: giancarlo p. <gia...@na...> - 2001-08-23 16:27:54
|
You know you can put all sort of stuff under there, under the $sess->auth[] array. It will last as much as your session, even less if you set an expire for auth, so it will not be persistent. But next login can be reloaded.. And it will be visible, if you'll use php4 default session, which gets stored in /tmp as a csv file.. So my question is: what could you reasonably think to put there? Someone wrote an extension to stock ACL permissions on objects that would be stored there. Others place the user full name and surname, or email. In fact it can be an easy shortcut to defining a User class, and using that instead. And can save some I/O as everything stays just in the session record.. So one may think it is OK to store there things as 'how many more salamis I can buy at discount price' or, for the vicious, 'list of tables where I am authorized to gamble a free fiche'. Missing guidelines for that. And this leads to more uncompatible auths. I myself only recently realized that Auth and User were not inter-dependent, so always coupled Auth with User, let Auth almost untouched, and put stuff I needed into User. - Gian |
