Re: [Phplib-users] Re: blocking mode vs default_auth
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
Re: [Phplib-users] Re: blocking mode vs default_auth
|
From: Giancarlo <gia...@na...> - 2002-09-25 18:56:57
|
Il 19:30, mercoled=EC 25 settembre 2002, Chris Johnson ha scritto: > > So, Gian, are you saying that your new Auth class provides both behavio= rs, > but that your "splash login page" although it looks the same to the > user, it is distinctly functionally different from the current PHPLIB > blocking method? By blocking mode, interstitial mode, we are not talking about access, or=20 blocking access. We are talking about blocking the authentication process, in a 'login_in=20 progress' state,=20 or, more clear, 'we_have_sent_the_form_and_expect_loginfields', so the=20 session is blocked until we get the cancel_login Effects:=20 -If you had just visited an unprotected page, you can't click 'back', you= =20 need to press cancel_login. -If you open an unpreotected page in a new browser window you get the log= in=20 form,=20 -etc because you presistent session it has an $auth object in it, with=20 auth[uid]=3D"form", that is you are not logged on, but you have the auth = object=20 to either clear or fully start. > > I'm having a hard time understanding. I don't want users to be able > to see ANY protected page without logging in, and ALL of my pages are > protected pages. The way it works now using the PHPLIB blocking method= , > all I have to do is call page_open() and it is assured that they are > blocked until they have logged in and gotten a session ID in a cookie > (fallback to GET). Does your "splash form" behavior in your new Auth > do that? yes, access blocking is same as before. Gian |
