[Phplib-users] Reauthentication Woes

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

First let me say that I am very impressed with PHPLib!

I've been beating my head against my desk and going through the
documentation and sourceforge archives looking for some help.

When I log out, and log back in, my authentication is only valid for that
first page view - I'm prompted to reauthenticate on the second secured page
view.  From that point on, the application works normally.

I'm sure that made little sense, so I'll try to be more explicit:

My logout script calls
$sess->delete();
$auth->logout();
and then redirects the user to the secured home page - which naturally
fails.  $auth->auth_loginform() gets called and validLoginForm.ihtml draws a
login form.  The target of the login form is $this->url().  If the user
enters their username/password the secured home page displays.

I go ahead and logon, and the secured page comes up as expected.

If I call up any other secured page, $auth sends the browser back to
loginform.ihtml!  My logs show that somehow  HTTP_POST_VARS[username] and
HTTP_POST_VARS[password] are getting wiped out.  Of course that's not the
root of the problem, only "collateral damage".  I'm guessing my UID is
getting clobbered somewhere.  Why it's happening is beyond me and I could
really use some help here!

...now if I log on to this second call to loginform.ihtml, all is well!  The
session works as expected, secured pages work as they should, my different
permission levels all work normally.

Any suggestions and insight you'd like to share will be greatly appreciated!

Terry R.