RE: [Phplib-users] auth url question

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

OK, Joe and I had this disccussion too.  He wanted a function similar to
login_if, so I called it do_auth().  Same concept.  If you want to run auth
in the url mode, then start handles it.  If you want to run it in command
mode, that works too.

> -----Original Message-----
> From: Giancarlo [mailto:gia...@na...]
> Sent: Thursday, October 31, 2002 4:50 PM
> To: rob...@ws...
> Cc: Phplib-Users
> Subject: Re: [Phplib-users] auth url question
>
>
> Il 22:17, giovedì 31 ottobre 2002, Rob Hutton ha scritto:
> > Why do all three need to be run, the example that I sent
> handles all three,
> > but it does so in a structured fashion.  The only one that gets
> run is what
> > is asked for.  And that is the whole point.  Auth should try
> only what it
> > is inetentionally told to try.  Not try everything until
> something works...
>
> Then I prefer to call exactly what I want auth->start to do.
>
> So, eg (quick code), in page.inc:
>
>   if($whatever_we_want == "auth")
>    $auth->start('authenticate')
>   elsif ($whatever_we_want == "login")
>    $auth->start('login')
>   elsif ($whatever_we_want == "register")
>    $auth->start('register')
>
> That gives a lot more possibilities, because is done before and
> instead of
> calling the whole auth->start, and doesn't rely on any cascade logic, nor
> defers the trigger testing, to auth->start. I want to decide what auth
> function to call  case by case.
> With thsi structure it it more feasable to pilot the behaviour of
> auth, eg
>
> > Single, two-phase, and approval based registration
>
> as you said, could easliy be added like this, in page inc
>
> ### this mimics the auth->auth[uid]=='form' blocking login state
> if($sess_login_in_progress) {
>     if(!$auth->start('login') {
>        page_showform();
>     }
> }
>
> ## this mimics the actual behavior
>   if( ! $auth->start('authenticate') && (!$auth->start('login'))
>     $auth->start('register')
>
> etc.
>
> By having these three functionalities at hand, *separately, we
> can combine
> them to get the  behaviors we want *out of, and apart from, the
> start method*
>
> Gian
>
>
>
>
>
> >
> > > -----Original Message-----
> > > From: Giancarlo [mailto:gia...@na...]
> > > Sent: Thursday, October 31, 2002 4:08 PM
> > > To: rob...@ws...
> > > Cc: Phplib-Users
> > > Subject: Re: [Phplib-users] auth url question
> > >
> > > Il 15:23, giovedì 31 ottobre 2002, Rob Hutton ha scritto:
> > > > The more I think about this, the less I agree, because I think that
> > > > auth logic was/is flawed.  But attached is a version that I think
> > >
> > > will drop in.
> > >
> > > > IMHO, auth should have a definite structure.  It should not be
> > > > something where this and that gets tried until something happens to
> > > > work.
> > >
> > >  And in the
> > >
> > > > case of registration, you could type an existing user name and
> > >
> > > password and
> > >
> > > > get in.  And that is not acceptable on a site that deals with
> > >
> > > credit cards,
> > >
> > > > or business presentation, or a lot of things.
> > >
> > > auth_validatelogin and auth_doregister are in userland local.inc.
> > > A register
> > > form and a auth_doregister function is not even provided as
> an example.
> > > Add an input field to the register form, eg
> > > <input name=action value=register> and test it in auth_doregister.
> > > Same for validating the login, add
> > > <input name=actio value=login> in the loginform and test it in
> > > auth_validatelogin.
> > >
> > > Otherwise we cannot simply call auth->start and pretend it will do, by
> > > itself, any/everything needed. We'll need to call the three main start
> > > functions separately, as auth->start(authenticate),
> auth->start(login),
> > > auth->start(register). And this is definetely what I'd prefer.
> > >
> > > G
>