Re: [Phplib-users] Giancarlo Pinerolo (pingus) auth patch
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
Re: [Phplib-users] Giancarlo Pinerolo (pingus) auth patch
|
From: Giancarlo P. <gia...@na...> - 2002-06-07 01:03:01
|
Joe Stewart wrote:
>
> Another method that works without patching phplib is like this:
>
> if(isset($HTTP_POST_VARS['username'])) { // this would be present if a login is in progress
> $auth->auth["uid"]= "form"; // this is what auth seems to want
> $auth->start();
> }
>
> $auth->login_if(!$perm->have_perm('user'));
>
> Here is the original post:
>
> http://marc.theaimsgroup.com/?l=phplib&m=99114081209404&w=2
>
> Here is a simple example:
>
> http://www.phpslash.org/index.php3?section_id=11
>
> have fun,
This code confirms that is common practice to smashe the very reason ot
the auth['form'] intermiediate status value: be assured that a form was
set 'before' input is accepted.
It osoletes keepeing that value and overrides it.
The 'form' value was supposed to be a prerequisite, something the code
needs to have *before* considering any 'username' an 'password' input
fields.
The actual code logic is:
if there's form, see if there are the fields.
This does the reverse, if there's a field username, then force 'form'
and loop over start.
It simply checks for an existing input field 'username'. (If it checks
for 'password' too, you can even smash the necessity of log/reg)
Exactly as my auth does.
These lines of code show that people already chose to consider the whole
auth->start method, as it is, obsolete, comment.
Gian
|
