[Phplib-users] alternate auth method
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
[Phplib-users] alternate auth method
|
From: Tim S. <ti...@oc...> - 2002-06-24 04:26:48
|
Hello,
Im after some help, I am attempting to authenticate from a windows
application that launches a browser, users enter their details into
the application and it opens a browser with username=foo&password=md5hash
in the URL.
I have extended the auth class as explained in the documentation:
class Example_Auth extends Auth
{
var $classname = "Example_auth"; # Object serialization support
var $lifetime = 15;
## DB_Sql subclass and database table to use
var $database_class = "DB_Example";
var $database_table = "auth_user";
## Some magic value to make our uids harder to guess.
var $magic = "Abracadabra";
## Use an own login form
function auth_loginform() {
global $sess;
include("templates/login_error.php");
}
function auth_validatelogin() {
global $username, $password; ## form variables from loginform.ihtml
$this->auth["uname"]=$username;
$uid = false;
$query = sprintf(
"select password,user_id from %s where username = '%s'",
$this->database_table,$username);
$this->db->query($query);
while($this->db->next_record()) {
if($password == md5($this->db->f("password")."secret_string"))
{
$uid = $this->db->f("user_id");
$this->auth["perm"] = "admin";//$this->db->f("perms");
}
}
return $uid;
}
}
This method works, however, when authentication suceeds, the user
is still redirected to the error page, and if they refresh the
browser then they get to the actual content. What I want is for
users to gain access immeadiatly of they authenticate correctly,
but be redirected to an error page if they fail. the loginform is
replaced by the application.
Can anyone help/point me in the right direction?
Thanks, Tim
--
+----------------------------------------------+
Tim Stebbing,
ti...@oc..., www.oceanablue.com.au
Software Development Services.
+----------------------------------------------+
|
