Re: [Phplib-users] Patch for auth.inc in 7.2d
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
Re: [Phplib-users] Patch for auth.inc in 7.2d
|
From: Benjamin B. <b....@si...> - 2003-02-08 10:42:23
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Marko, take a look at auth.inc and I tell you the idea behind my patch: So what happens if you haven't authorized and call a page? First 'if ($this->is_authenticated())' (line 67), which you are not, so the else block is executed which sets $state to 1 (line 91). Then you go into the block for 'case 1' (line 95). As you want to login you are in "log"-mode so you go into the block for "log"-mode (line 109). If nobody is not set you go into the block after else (line 117). This is the point were my patch jumps in. Usually the phplib would now display the login form, ignoring that the username and password passed to the page might already contain the information necessary to login. All I do now is calling $uid = $this->auth_validatelogin() at this point to check these information passed to the page. If you have got further questions just drop me an eMail. Regards, Benne Am Freitag, 07.02.03, um 10:54 Uhr (Europe/Berlin) schrieb Marko Kaening: > Hi Benjamin, > >> does it still happen after you applied the patch to auth.inc? > still didn't apply the patch, since couldn't really figure out how to > reproduce this strange behaviour. So there is no real test of this > possible. just have to live with it so far. I also wait for some > response > from the list whether other people patched and what they thinkr about > this > approach. > > Marko - -- Benjamin Boksa b....@si... side by site GmbH & Co. KG Druckgestaltung & Webdesign Barbarastr. 3-9 (Block 6) D-50735 Koeln Fon: +49 221 2790964 Fax: +49 221 2790965 http://www.sidebysite.de/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (Darwin) iD8DBQE+RN8IR5U9XkJXZKwRAtfPAJwMNZd9flGk1N6Qvgf6fxkIQ+yFEQCeJ/QT BK/MmuGAxC405b/ARsiToWM= =qcux -----END PGP SIGNATURE----- |
