phplib-users

[Phplib-users] Default Auth? 7.2d

[Jacob H. <Jac...@fi...>]

Hi list,
 
I've got a auth system based heavily on the examples in the docs.
 
A little background:
home.php: the "index page" for an authenticated user
welcome.php: my login form (replacing loginform.ihtml)
 
Basically, you go to the site and are taken to home.php. You're not
authenticated yet, so you see welcome.php. You can then log in and
access the rest of the site. This works great.
 
Now, I show a footer on all pages (including welcome.php) that has
copyright info with links to a few things such as a Terms of Use
document. All documents and articles on the site are viewed through
library.php (which parses the articles into a template). Library.php
uses my normal auth class and works fine, as long as the user is logged
in, which is what I want...most of the time.
 
However, I need to be able to grant access to Terms of Use, etc. to
users who haven't logged in (such as viewing the document from
welcome.php).
 
The Default Auth feature seems like it should do the trick, but it's
not working. I've set library.php to use my default_auth subclass, but
I'm still getting the login page when I try to access library.php.
 
My default_auth subclass is just like the one in the docs.
 
Any ideas?
 
Thanks,
 
Jacob

Re: [Phplib-users] Default Auth? 7.2d

[<fr...@on...>]

On Wed, Feb 13, 2002 at 11:05:03AM -0700, Jacob Hanson wrote:
> The Default Auth feature seems like it should do the trick, but it's
> not working. I've set library.php to use my default_auth subclass, but
> I'm still getting the login page when I try to access library.php.

It doesn't work to use different Auth subclasses on different pages of
the same website.  Whatever Auth subclass appears in the first
page_open() that the user visits will be the auth class for all pages
visited in the site while that session persists.

A common approach to allowing unrestricted access to some pages and
not others is to set up the application's Auth subclass to use
"default authentication" -- $auth->nobody == true -- and then force
login on restricted pages by using something like this right after
calling page_open():

	$auth->login_if($auth->auth["uid"] == "nobody");


-- 
Fred Yankowski      fr...@on...           tel: +1.630.879.1312
OntoSys, Inc	    PGP keyID: 7B449345        fax: +1.630.879.1370
www.ontosys.com     38W242 Deerpath Rd, Batavia, IL 60510-9461, USA

Re: [Phplib-users] Default Auth? 7.2d

[Joe S. <jo...@be...>]

I believe these are links to previous discussions of this problem and a
solution:

http://marc.theaimsgroup.com/?l=phplib&m=94269299705992&w=2
http://marc.theaimsgroup.com/?l=phplib&m=97181231423086&w=2
http://marc.theaimsgroup.com/?l=phplib&m=97491904918866&w=2

Joe

On Wed, Feb 13, 2002 at 11:05:03AM -0700, Jacob Hanson wrote:
> Hi list,
>  
> I've got a auth system based heavily on the examples in the docs.
>  
> A little background:
> home.php: the "index page" for an authenticated user
> welcome.php: my login form (replacing loginform.ihtml)
>  
> Basically, you go to the site and are taken to home.php. You're not
> authenticated yet, so you see welcome.php. You can then log in and
> access the rest of the site. This works great.
>  
> Now, I show a footer on all pages (including welcome.php) that has
> copyright info with links to a few things such as a Terms of Use
> document. All documents and articles on the site are viewed through
> library.php (which parses the articles into a template). Library.php
> uses my normal auth class and works fine, as long as the user is logged
> in, which is what I want...most of the time.
>  
> However, I need to be able to grant access to Terms of Use, etc. to
> users who haven't logged in (such as viewing the document from
> welcome.php).
>  
> The Default Auth feature seems like it should do the trick, but it's
> not working. I've set library.php to use my default_auth subclass, but
> I'm still getting the login page when I try to access library.php.
>  
> My default_auth subclass is just like the one in the docs.
>  
> Any ideas?
>  
> Thanks,
>  
> Jacob